=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/errata40.html,v retrieving revision 1.28 retrieving revision 1.29 diff -c -r1.28 -r1.29 *** www/errata40.html 2010/03/08 21:53:37 1.28 --- www/errata40.html 2010/07/08 19:00:07 1.29 *************** *** 54,60 ****

! You can also fetch a tar.gz file containing all the following patches. This file is updated once a day. --- 54,60 ----

! You can also fetch a tar.gz file containing all the following patches. This file is updated once a day. *************** *** 91,97 **** 017: SECURITY FIX: October 10, 2007   All architectures
The SSL_get_shared_ciphers() function in OpenSSL contains an off-by-one overflow.
! A source code patch exists which remedies this problem.

--- 91,97 ---- 017: SECURITY FIX: October 10, 2007   All architectures
The SSL_get_shared_ciphers() function in OpenSSL contains an off-by-one overflow.
! A source code patch exists which remedies this problem.

*************** *** 101,128 **** A DHCP client that claimed to require a maximum message size less than the minimum IP MTU could cause dhcpd(8) to overwrite stack memory.
! A source code patch exists which remedies this problem.

  • 015: SECURITY FIX: July 9, 2007   All Architectures
    Fix possible heap overflow in file(1), aka CVE-2007-1536.
    ! A source code patch exists which remedies this problem.

  • 014: STABILITY FIX: May 9, 2007   All Architectures
    A malicious client can cause a division by zero.
    ! A source code patch exists which remedies this problem.

  • 013: STABILITY FIX: April 26, 2007   PowerPC
    An unhandled AltiVec assist exception can cause a kernel panic.
    ! A source code patch exists which remedies this problem.

    --- 101,128 ---- A DHCP client that claimed to require a maximum message size less than the minimum IP MTU could cause dhcpd(8) to overwrite stack memory.
    ! A source code patch exists which remedies this problem.

  • 015: SECURITY FIX: July 9, 2007   All Architectures
    Fix possible heap overflow in file(1), aka CVE-2007-1536.
    ! A source code patch exists which remedies this problem.

  • 014: STABILITY FIX: May 9, 2007   All Architectures
    A malicious client can cause a division by zero.
    ! A source code patch exists which remedies this problem.

  • 013: STABILITY FIX: April 26, 2007   PowerPC
    An unhandled AltiVec assist exception can cause a kernel panic.
    ! A source code patch exists which remedies this problem.

    *************** *** 131,137 **** IPv6 type 0 route headers can be used to mount a DoS attack against hosts and networks. This is a design flaw in IPv6 and not a bug in OpenBSD.
    ! A source code patch exists which remedies this problem.

    --- 131,137 ---- IPv6 type 0 route headers can be used to mount a DoS attack against hosts and networks. This is a design flaw in IPv6 and not a bug in OpenBSD.
    ! A source code patch exists which remedies this problem.

    *************** *** 148,154 **** CVE-2007-1352, CVE-2007-1667.
    ! A source code patch exists which remedies this problem.

    --- 148,154 ---- CVE-2007-1352, CVE-2007-1667.
    ! A source code patch exists which remedies this problem.

    *************** *** 162,168 **** can be installed.
    Use "block in inet6" in /etc/pf.conf
    ! A source code patch exists which remedies this problem.

    --- 162,168 ---- can be installed.
    Use "block in inet6" in /etc/pf.conf
    ! A source code patch exists which remedies this problem.

    *************** *** 170,176 **** 009: INTEROPERABILITY FIX: February 4, 2007   All architectures
    A US daylight saving time rules change takes effect in 2007.
    ! A source code patch exists which syncs the timezone data files with tzdata2007a.

    --- 170,176 ---- 009: INTEROPERABILITY FIX: February 4, 2007   All architectures
    A US daylight saving time rules change takes effect in 2007.
    ! A source code patch exists which syncs the timezone data files with tzdata2007a.

    *************** *** 179,185 **** Under some circumstances, processing an ICMP6 echo request would cause the kernel to enter an infinite loop.
    ! A source code patch exists which remedies this problem.

    --- 179,185 ---- Under some circumstances, processing an ICMP6 echo request would cause the kernel to enter an infinite loop.
    ! A source code patch exists which remedies this problem.

    *************** *** 194,200 **** The PCIAGP option is present by default on i386 kernels only.
    ! A source code patch exists which remedies this problem.

    --- 194,200 ---- The PCIAGP option is present by default on i386 kernels only.
    ! A source code patch exists which remedies this problem.

    *************** *** 206,214 **** them from a mirror.
    The archives have been corrected. The correct MD5 of ! ports.tar.gz is eff352b4382a7fb7ffce1e8b37e9eb56, and for ! src.tar.gz it is b8d7a0dc6f3d27a5377a23d69c40688e.

    --- 206,214 ---- them from a mirror.
    The archives have been corrected. The correct MD5 of ! ports.tar.gz is eff352b4382a7fb7ffce1e8b37e9eb56, and for ! src.tar.gz it is b8d7a0dc6f3d27a5377a23d69c40688e.
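
Review bot: the corrected-archive notice at lines 206-214 gives only MD5 digests for ports.tar.gz and src.tar.gz, and MD5 is not collision-resistant, which makes it a weak check for archives that readers fetch from a mirror. Since both digest lines are marked as changed in this revision, add a SHA-256 digest next to each MD5 value and keep the MD5 for readers who already recorded it.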

    *************** *** 221,227 **** problem in cases we have not found yet. This patch applies to all ELF-based systems (m68k, m88k, and vax are a.out-based systems).
    ! A source code patch exists which remedies this problem.

    --- 221,227 ---- problem in cases we have not found yet. This patch applies to all ELF-based systems (m68k, m88k, and vax are a.out-based systems).
    ! A source code patch exists which remedies this problem.

    *************** *** 234,240 **** volumes will not be properly marked as being clean and fsck will be run for the subsequent boot up.
    ! A source code patch exists which remedies this problem.

    --- 234,240 ---- volumes will not be properly marked as being clean and fsck will be run for the subsequent boot up.
    ! A source code patch exists which remedies this problem.

    *************** *** 246,252 **** Chris Evans. This could be exploited for DoS, limited kmem reads or local privilege escalation.
    ! A source code patch exists which remedies this problem.

    --- 246,252 ---- Chris Evans. This could be exploited for DoS, limited kmem reads or local privilege escalation.
    ! A source code patch exists which remedies this problem.

    *************** *** 264,270 **** CVE-2006-2940
    ! A source code patch exists which remedies this problem.

    --- 264,270 ---- CVE-2006-2940
    ! A source code patch exists which remedies this problem.

    *************** *** 277,283 **** CVE-2006-3918
    ! A source code patch exists which remedies this problem.

    --- 277,283 ---- CVE-2006-3918
    ! A source code patch exists which remedies this problem.

    *************** *** 321,327 ****


    OpenBSD www@openbsd.org !
    $OpenBSD: errata40.html,v 1.28 2010/03/08 21:53:37 deraadt Exp $ --- 321,327 ----
    OpenBSD www@openbsd.org !
    $OpenBSD: errata40.html,v 1.29 2010/07/08 19:00:07 sthen Exp $