===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata40.html,v
retrieving revision 1.68
retrieving revision 1.69
diff -c -r1.68 -r1.69
*** www/errata40.html 2019/05/27 22:55:20 1.68
--- www/errata40.html 2019/05/28 16:32:42 1.69
***************
*** 82,194 ****
-stable branch.
-
! -
! 017: SECURITY FIX: October 10, 2007
All architectures
! The SSL_get_shared_ciphers() function in OpenSSL contains an off-by-one overflow.
!
A source code patch exists which remedies this problem.
!
-
! 016: SECURITY FIX: October 8, 2007
All architectures
! Malicious DHCP clients could cause dhcpd(8) to corrupt its stack
! A DHCP client that claimed to require a maximum message size less than
! the minimum IP MTU could cause dhcpd(8) to overwrite stack memory.
!
A source code patch exists which remedies this problem.
!
-
! 015: SECURITY FIX: July 9, 2007
! All Architectures
! Fix possible heap overflow in file(1), aka CVE-2007-1536.
!
! A source code patch exists which remedies this problem.
!
!
!
-
! 014: STABILITY FIX: May 9, 2007
! All Architectures
! A malicious client can cause a division by zero.
!
! A source code patch exists which remedies this problem.
!
!
!
-
! 013: STABILITY FIX: April 26, 2007
! PowerPC
! An unhandled AltiVec assist exception can cause a kernel panic.
!
! A source code patch exists which remedies this problem.
!
!
!
-
! 012: SECURITY FIX: April 23, 2007
All architectures
! IPv6 type 0 route headers can be used to mount a DoS attack against
! hosts and networks. This is a design flaw in IPv6 and not a bug in
! OpenBSD.
!
A source code patch exists which remedies this problem.
!
-
! 011: SECURITY FIX: April 4, 2007
All architectures
! Multiple vulnerabilities have been discovered in X.Org.
! XC-MISC extension ProcXCMiscGetXIDList memory corruption vulnerability,
! BDFFont parsing integer overflow vulnerability,
! fonts.dir file parsing integer overflow vulnerability,
! multiple integer overflows in the XGetPixel() and XInitImage functions
! in ImUtil.c.
! CVE-2007-1003,
! CVE-2007-1351,
! CVE-2007-1352,
! CVE-2007-1667.
!
A source code patch exists which remedies this problem.
!
-
! 010: SECURITY FIX: March 7, 2007
All architectures
! 2nd revision, March 17, 2007
! Incorrect mbuf handling for ICMP6 packets.
! Using
! pf(4)
! to avoid the problem packets is an effective workaround until the patch
! can be installed.
! Use "block in inet6" in /etc/pf.conf
!
A source code patch exists which remedies this problem.
!
-
! 009: INTEROPERABILITY FIX: February 4, 2007
All architectures
! A US daylight saving time rules change takes effect in 2007.
!
! A source code patch exists which syncs the timezone data files with tzdata2007a.
!
!
!
-
! 008: RELIABILITY FIX: January 16, 2007
! All architectures
! Under some circumstances, processing an ICMP6 echo request would cause
! the kernel to enter an infinite loop.
-
- A source code patch exists which remedies this problem.
-
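Review bot: entry 014 in the old range says only "A malicious client can cause a division by zero." and never names the affected program, unlike 017 (OpenSSL), 016 (dhcpd(8)) and 015 (file(1)). That line is already marked as changed (`!`), so the rewritten text should name the component, letting a reader triage the entry without opening the patch. The same changed lines for 015, 014 and 013 spell the platform label "All Architectures", while the untouched entries use "All architectures"; the replacement should settle on the lowercase form to match them.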
--- 82,174 ----
-stable branch.