===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata38.html,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- www/errata38.html 2006/07/30 17:35:57 1.9
+++ www/errata38.html 2006/08/25 15:56:06 1.10
@@ -75,6 +75,52 @@
+-
+013: SECURITY FIX: August 25, 2006 All architectures
+A problem in
+isakmpd(8)
+caused IPsec to run partly without replay protection. If
+isakmpd(8)
+was acting as responder during SA negotiation, SA's with a replay window of size 0 were created.
+An attacker could reinject sniffed IPsec packets, which will be accepted without checking the
+replay counter.
+
+
+A source code patch exists which remedies this problem.
+
+
+
-
+012: SECURITY FIX: August 25, 2006 All architectures
+It is possible to cause the kernel to panic when more than the default number of
+sempahores have been allocated.
+
+
+A source code patch exists which remedies this problem.
+
+
+
-
+011: SECURITY FIX: August 25, 2006 All architectures
+Due to an off-by-one error in
+dhcpd(8),
+it is possible to cause
+dhcpd(8)
+to exit by sending a DHCPDISCOVER packet with a 32-byte client identifier option.
+CVE-2006-3122
+
+
+A source code patch exists which remedies this problem.
+
+
+
-
+010: SECURITY FIX: August 25, 2006 All architectures
+A potential denial of service problem has been found in sendmail. A message
+with really long header lines could trigger a use-after-free bug causing
+sendmail to crash.
+
+
+A source code patch exists which remedies this problem.
+
+
-
009: SECURITY FIX: July 30, 2006 All architectures
httpd
@@ -211,7 +257,7 @@
www@openbsd.org
-
$OpenBSD: errata38.html,v 1.9 2006/07/30 17:35:57 brad Exp $
+
$OpenBSD: errata38.html,v 1.10 2006/08/25 15:56:06 brad Exp $