=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/errata38.html,v retrieving revision 1.31 retrieving revision 1.32 diff -u -r1.31 -r1.32 --- www/errata38.html 2010/03/08 21:53:37 1.31 +++ www/errata38.html 2010/07/08 19:00:07 1.32 @@ -54,7 +54,7 @@

- + You can also fetch a tar.gz file containing all the following patches. This file is updated once a day. @@ -94,7 +94,7 @@ CVE-2006-4924, CVE-2006-5051
- + A source code patch exists which remedies this problem.

@@ -106,7 +106,7 @@ Chris Evans. This could be exploited for DoS, limited kmem reads or local privilege escalation.
- + A source code patch exists which remedies this problem.

@@ -123,7 +123,7 @@ CVE-2006-4343, CVE-2006-2940
- + A source code patch exists which remedies this problem.

@@ -135,7 +135,7 @@ style attacks. CVE-2006-3918
- + A source code patch exists which remedies this problem.

@@ -146,7 +146,7 @@ valid PKCS#1 v1.5 signature. CVE-2006-4339
- + A source code patch exists which remedies this problem.

@@ -162,7 +162,7 @@ CVE-2006-4095 CVE-2006-4096
- + A source code patch exists which remedies this problem.

@@ -174,7 +174,7 @@ connection causing the kernel to panic. CVE-2006-4304
- + A source code patch exists which remedies this problem.

@@ -188,7 +188,7 @@ An attacker could reinject sniffed IPsec packets, which will be accepted without checking the replay counter.
- + A source code patch exists which remedies this problem.

@@ -197,7 +197,7 @@ It is possible to cause the kernel to panic when more than the default number of sempahores have been allocated.
- + A source code patch exists which remedies this problem.
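Review bot: the unchanged context line of this hunk (@@ -197,7 +197,7 @@) misspells "semaphores" as "sempahores" in "more than the default number of sempahores have been allocated". Since this revision already touches the entry, correct the spelling in the same commit.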

@@ -210,7 +210,7 @@ to exit by sending a DHCPDISCOVER packet with a 32-byte client identifier option. CVE-2006-3122
- + A source code patch exists which remedies this problem.

@@ -220,7 +220,7 @@ with really long header lines could trigger a use-after-free bug causing sendmail to crash.
- + A source code patch exists which remedies this problem.

@@ -233,7 +233,7 @@ could be triggered remotely. The default install is not affected by the buffer overflow. CVE-2006-3747
- + A source code patch exists which remedies this problem.

@@ -246,7 +246,7 @@ delivered. However, mail messages in the queue may not be reattempted if a malformed MIME message exists.
- + A source code patch exists which remedies this problem.

@@ -257,7 +257,7 @@ Clients authorized to connect to the X server are able to crash it and to execute malicious code within the X server.
- + A source code patch exists which remedies this problem.

@@ -267,7 +267,7 @@ asynchronous signals. A remote attacker may be able to execute arbitrary code with the privileges of the user running sendmail, typically root.
- + A source code patch exists which remedies this problem.

@@ -281,7 +281,7 @@ This can be exploited to execute shell commands with privileges of the user running scp(1).
- + A source code patch exists which remedies this problem.

@@ -292,7 +292,7 @@ so even root is blocked from accessing the ioports unless the machine is running at lower securelevels or with an open X11 aperture.
- + A source code patch exists which remedies this problem.

@@ -307,7 +307,7 @@ requests need it to. This is now implemented using only GDT selectors instead of the LDT so that it is more robust as well.
- + A source code patch exists which remedies this problem.

@@ -315,7 +315,7 @@ 002: SECURITY FIX: January 5, 2006   All architectures
Do not allow users to trick suid programs into re-opening files via /dev/fd.
- + A source code patch exists which remedies this problem.

@@ -324,7 +324,7 @@ A buffer overflow has been found in the Perl interpreter with the sprintf function which may be exploitable under certain conditions.
- + A source code patch exists which remedies this problem.

@@ -368,7 +368,7 @@


OpenBSD www@openbsd.org -
$OpenBSD: errata38.html,v 1.31 2010/03/08 21:53:37 deraadt Exp $ +
$OpenBSD: errata38.html,v 1.32 2010/07/08 19:00:07 sthen Exp $