===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata39.html,v
retrieving revision 1.30
retrieving revision 1.31
diff -c -r1.30 -r1.31
*** www/errata39.html 2010/03/08 21:53:37 1.30
--- www/errata39.html 2010/07/08 19:00:07 1.31
***************
*** 54,60 ****
--- 89,95 ----
***************
*** 98,104 ****
IPv6 type 0 route headers can be used to mount a DoS attack against
hosts and networks. This is a design flaw in IPv6 and not a bug in
OpenBSD.
!
A source code patch exists which remedies this problem.
--- 98,104 ----
IPv6 type 0 route headers can be used to mount a DoS attack against
hosts and networks. This is a design flaw in IPv6 and not a bug in
OpenBSD.
!
A source code patch exists which remedies this problem.
***************
*** 115,121 ****
CVE-2007-1352,
CVE-2007-1667.
!
A source code patch exists which remedies this problem.
--- 115,121 ----
CVE-2007-1352,
CVE-2007-1667.
!
A source code patch exists which remedies this problem.
***************
*** 129,135 ****
can be installed.
Use "block in inet6" in /etc/pf.conf
!
A source code patch exists which remedies this problem.
--- 129,135 ----
can be installed.
Use "block in inet6" in /etc/pf.conf
!
A source code patch exists which remedies this problem.
***************
*** 137,143 ****
019: INTEROPERABILITY FIX: February 4, 2007 All architectures
A US daylight saving time rules change takes effect in 2007.
!
A source code patch exists which syncs the timezone data files with tzdata2007a.
--- 137,143 ----
019: INTEROPERABILITY FIX: February 4, 2007 All architectures
A US daylight saving time rules change takes effect in 2007.
!
A source code patch exists which syncs the timezone data files with tzdata2007a.
***************
*** 146,152 ****
Under some circumstances, processing an ICMP6 echo request would cause
the kernel to enter an infinite loop.
!
A source code patch exists which remedies this problem.
--- 146,152 ----
Under some circumstances, processing an ICMP6 echo request would cause
the kernel to enter an infinite loop.
!
A source code patch exists which remedies this problem.
***************
*** 161,167 ****
The PCIAGP option is present by default on i386
kernels only.
!
A source code patch exists which remedies this problem.
--- 161,167 ----
The PCIAGP option is present by default on i386
kernels only.
!
A source code patch exists which remedies this problem.
***************
*** 173,179 ****
problem in cases we have not found yet. This patch applies to all ELF-based
systems (m68k, m88k, and vax are a.out-based systems).
!
A source code patch exists which remedies this problem.
--- 173,179 ----
problem in cases we have not found yet. This patch applies to all ELF-based
systems (m68k, m88k, and vax are a.out-based systems).
!
A source code patch exists which remedies this problem.
***************
*** 188,194 ****
CVE-2006-4924,
CVE-2006-5051
!
A source code patch exists which remedies this problem.
--- 188,194 ----
CVE-2006-4924,
CVE-2006-5051
!
A source code patch exists which remedies this problem.
***************
*** 200,206 ****
Chris Evans. This could be exploited for DoS, limited kmem reads or local
privilege escalation.
!
A source code patch exists which remedies this problem.
--- 200,206 ----
Chris Evans. This could be exploited for DoS, limited kmem reads or local
privilege escalation.
!
A source code patch exists which remedies this problem.
***************
*** 217,223 ****
CVE-2006-4343,
CVE-2006-2940
!
A source code patch exists which remedies this problem.
--- 217,223 ----
CVE-2006-4343,
CVE-2006-2940
!
A source code patch exists which remedies this problem.
***************
*** 229,235 ****
style attacks.
CVE-2006-3918
!
A source code patch exists which remedies this problem.
--- 229,235 ----
style attacks.
CVE-2006-3918
!
A source code patch exists which remedies this problem.
***************
*** 240,246 ****
valid PKCS#1 v1.5 signature.
CVE-2006-4339
!
A source code patch exists which remedies this problem.
--- 240,246 ----
valid PKCS#1 v1.5 signature.
CVE-2006-4339
!
A source code patch exists which remedies this problem.
***************
*** 256,262 ****
CVE-2006-4095
CVE-2006-4096
!
A source code patch exists which remedies this problem.
--- 256,262 ----
CVE-2006-4095
CVE-2006-4096
!
A source code patch exists which remedies this problem.
***************
*** 268,274 ****
connection causing the kernel to panic.
CVE-2006-4304
!
A source code patch exists which remedies this problem.
--- 268,274 ----
connection causing the kernel to panic.
CVE-2006-4304
!
A source code patch exists which remedies this problem.
***************
*** 282,288 ****
An attacker could reinject sniffed IPsec packets, which will be accepted without checking the
replay counter.
!
A source code patch exists which remedies this problem.
--- 282,288 ----
An attacker could reinject sniffed IPsec packets, which will be accepted without checking the
replay counter.
!
A source code patch exists which remedies this problem.
***************
*** 291,297 ****
It is possible to cause the kernel to panic when more than the default number of
sempahores have been allocated.
!
A source code patch exists which remedies this problem.
--- 291,297 ----
It is possible to cause the kernel to panic when more than the default number of
sempahores have been allocated.
!
A source code patch exists which remedies this problem.
***************
*** 304,310 ****
to exit by sending a DHCPDISCOVER packet with a 32-byte client identifier option.
CVE-2006-3122
!
A source code patch exists which remedies this problem.
--- 304,310 ----
to exit by sending a DHCPDISCOVER packet with a 32-byte client identifier option.
CVE-2006-3122
!
A source code patch exists which remedies this problem.
***************
*** 314,320 ****
with really long header lines could trigger a use-after-free bug causing
sendmail to crash.
!
A source code patch exists which remedies this problem.
--- 314,320 ----
with really long header lines could trigger a use-after-free bug causing
sendmail to crash.
!
A source code patch exists which remedies this problem.
***************
*** 327,333 ****
could be triggered remotely. The default install is not affected by the
buffer overflow. CVE-2006-3747
!
A source code patch exists which remedies this problem.
--- 327,333 ----
could be triggered remotely. The default install is not affected by the
buffer overflow. CVE-2006-3747
!
A source code patch exists which remedies this problem.
***************
*** 340,346 ****
delivered. However, mail messages in the queue may not be reattempted if a
malformed MIME message exists.
!
A source code patch exists which remedies this problem.
--- 340,346 ----
delivered. However, mail messages in the queue may not be reattempted if a
malformed MIME message exists.
!
A source code patch exists which remedies this problem.
***************
*** 351,357 ****
Clients authorized to connect to the X server are able to crash it and to execute
malicious code within the X server.
!
A source code patch exists which remedies this problem.
--- 351,357 ----
Clients authorized to connect to the X server are able to crash it and to execute
malicious code within the X server.
!
A source code patch exists which remedies this problem.
***************
*** 362,368 ****
privileges of the user running sendmail, typically root. This is the second revision of
this patch.
!
A source code patch exists which remedies this problem.
--- 362,368 ----
privileges of the user running sendmail, typically root. This is the second revision of
this patch.
!
A source code patch exists which remedies this problem.
*************** *** 406,412 ****