=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/errata40.html,v retrieving revision 1.61 retrieving revision 1.62 diff -c -r1.61 -r1.62 *** www/errata40.html 2017/03/28 04:04:52 1.61 --- www/errata40.html 2017/03/28 06:41:18 1.62 *************** *** 83,89 ****

017: SECURITY FIX: October 10, 2007 All architectures
The SSL_get_shared_ciphers() function in OpenSSL contains an off-by-one overflow. --- 83,89 ----
- 017: SECURITY FIX: October 10, 2007 All architectures
  The SSL_get_shared_ciphers() function in OpenSSL contains an off-by-one overflow. *************** *** 92,98 **** A source code patch exists which remedies this problem.
  !
- 016: SECURITY FIX: October 8, 2007 All architectures
  Malicious DHCP clients could cause dhcpd(8) to corrupt its stack
  --- 92,98 ---- A source code patch exists which remedies this problem.
  !
- 016: SECURITY FIX: October 8, 2007 All architectures
  Malicious DHCP clients could cause dhcpd(8) to corrupt its stack
  *************** *** 103,109 **** A source code patch exists which remedies this problem.
  !
- 015: SECURITY FIX: July 9, 2007 All Architectures
  Fix possible heap overflow in file(1), aka CVE-2007-1536.
  --- 103,109 ---- A source code patch exists which remedies this problem.
  !
- 015: SECURITY FIX: July 9, 2007 All Architectures
  Fix possible heap overflow in file(1), aka CVE-2007-1536.
  *************** *** 111,117 **** A source code patch exists which remedies this problem.
  !
- 014: STABILITY FIX: May 9, 2007 All Architectures
  A malicious client can cause a division by zero.
  --- 111,117 ---- A source code patch exists which remedies this problem.
  !
- 014: STABILITY FIX: May 9, 2007 All Architectures
  A malicious client can cause a division by zero.
  *************** *** 119,125 **** A source code patch exists which remedies this problem.
  !
- 013: STABILITY FIX: April 26, 2007 PowerPC
  An unhandled AltiVec assist exception can cause a kernel panic.
  --- 119,125 ---- A source code patch exists which remedies this problem.
  !
- 013: STABILITY FIX: April 26, 2007 PowerPC
  An unhandled AltiVec assist exception can cause a kernel panic.
  *************** *** 127,133 **** A source code patch exists which remedies this problem.
  !
- 012: SECURITY FIX: April 23, 2007 All architectures
  IPv6 type 0 route headers can be used to mount a DoS attack against --- 127,133 ---- A source code patch exists which remedies this problem.
  !
- 012: SECURITY FIX: April 23, 2007 All architectures
  IPv6 type 0 route headers can be used to mount a DoS attack against *************** *** 137,143 **** A source code patch exists which remedies this problem.
  !
- 011: SECURITY FIX: April 4, 2007 All architectures
  Multiple vulnerabilities have been discovered in X.Org.
  --- 137,143 ---- A source code patch exists which remedies this problem.
  !
- 011: SECURITY FIX: April 4, 2007 All architectures
  Multiple vulnerabilities have been discovered in X.Org.
  *************** *** 161,167 **** 2nd revision, March 17, 2007
  Incorrect mbuf handling for ICMP6 packets.
  Using ! pf(4) to avoid the problem packets is an effective workaround until the patch can be installed.
  Use "block in inet6" in /etc/pf.conf --- 161,167 ---- 2nd revision, March 17, 2007
  Incorrect mbuf handling for ICMP6 packets.
  Using ! pf(4) to avoid the problem packets is an effective workaround until the patch can be installed.
  Use "block in inet6" in /etc/pf.conf *************** *** 193,199 **** 007: SECURITY FIX: January 3, 2007 i386 only
  Insufficient validation in ! vga(4) may allow an attacker to gain root privileges if the kernel is compiled with option PCIAGP and the actual device is not an AGP device. --- 193,199 ---- 007: SECURITY FIX: January 3, 2007 i386 only
  Insufficient validation in ! vga(4) may allow an attacker to gain root privileges if the kernel is compiled with option PCIAGP and the actual device is not an AGP device. *************** *** 224,230 **** 005: SECURITY FIX: November 19, 2006 All architectures
  The ELF ! ld.so(1) fails to properly sanitize the environment. There is a potential localhost security problem in cases we have not found yet. This patch applies to all ELF-based systems (m68k, m88k, and vax are a.out-based systems). --- 224,230 ---- 005: SECURITY FIX: November 19, 2006 All architectures
  The ELF ! ld.so(1) fails to properly sanitize the environment. There is a potential localhost security problem in cases we have not found yet. This patch applies to all ELF-based systems (m68k, m88k, and vax are a.out-based systems). *************** *** 237,243 **** 004: RELIABILITY FIX: November 7, 2006 All architectures
  Due to a bug in the ! arc(4) RAID driver the driver will not properly synchronize the cache to the logical volumes upon system shut down. The result being that the mounted file systems within the logical volumes will not be properly marked as being clean and fsck will be run for the subsequent --- 237,243 ---- 004: RELIABILITY FIX: November 7, 2006 All architectures
  Due to a bug in the ! arc(4) RAID driver the driver will not properly synchronize the cache to the logical volumes upon system shut down. The result being that the mounted file systems within the logical volumes will not be properly marked as being clean and fsck will be run for the subsequent *************** *** 251,257 **** 003: SECURITY FIX: November 4, 2006 All architectures
  Fix for an integer overflow in ! systrace(4)'s STRIOCREPLACE support, found by Chris Evans. This could be exploited for DoS, limited kmem reads or local privilege escalation. --- 251,257 ---- 003: SECURITY FIX: November 4, 2006 All architectures
  Fix for an integer overflow in ! systrace(4)'s STRIOCREPLACE support, found by Chris Evans. This could be exploited for DoS, limited kmem reads or local privilege escalation. *************** *** 282,288 ****
- 001: SECURITY FIX: November 4, 2006 All architectures
  ! httpd(8) does not sanitize the Expect header from an HTTP request when it is reflected back in an error message, which might allow cross-site scripting (XSS) style attacks. --- 282,288 ----
- 001: SECURITY FIX: November 4, 2006 All architectures
  ! httpd(8) does not sanitize the Expect header from an HTTP request when it is reflected back in an error message, which might allow cross-site scripting (XSS) style attacks.