===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata41.html,v
retrieving revision 1.23
retrieving revision 1.24
diff -c -r1.23 -r1.24
*** www/errata41.html 2010/03/08 21:53:37 1.23
--- www/errata41.html 2010/07/08 19:00:07 1.24
***************
*** 54,60 ****
--- 93,99 ----
Avoid possible hijacking of X11-forwarded connections with sshd(8)
by refusing to listen on a port unless all address families bind
successfully.
!
A source code patch exists which remedies this problem.
***************
*** 103,123 ****
directive was in effect, allowing users with write access to this file to
execute arbitrary commands. This behaviour was documented, but was an unsafe
default and an extra hassle for administrators.
!
A source code patch exists which remedies this problem.
--- 103,123 ----
directive was in effect, allowing users with write access to this file to
execute arbitrary commands. This behaviour was documented, but was an unsafe
default and an extra hassle for administrators.
!
A source code patch exists which remedies this problem.
***************
*** 138,144 ****
CVE-2007-6429,
CVE-2008-0006.
!
A source code patch exists which remedies this problem.
--- 138,144 ----
CVE-2007-6429,
CVE-2008-0006.
!
A source code patch exists which remedies this problem.
***************
*** 146,152 ****
011: SECURITY FIX: October 10, 2007 All architectures
The SSL_get_shared_ciphers() function in OpenSSL contains an off-by-one overflow.
!
A source code patch exists which remedies this problem.
--- 146,152 ----
011: SECURITY FIX: October 10, 2007 All architectures
The SSL_get_shared_ciphers() function in OpenSSL contains an off-by-one overflow.
!
A source code patch exists which remedies this problem.
***************
*** 156,190 ****
A DHCP client that claimed to require a maximum message size less than
the minimum IP MTU could cause dhcpd(8) to overwrite stack memory.
!
A source code patch exists which remedies this problem.
--- 156,190 ----
A DHCP client that claimed to require a maximum message size less than
the minimum IP MTU could cause dhcpd(8) to overwrite stack memory.
!
A source code patch exists which remedies this problem.
***************
*** 193,199 ****
IPv6 type 0 route headers can be used to mount a DoS attack against
hosts and networks. This is a design flaw in IPv6 and not a bug in
OpenBSD.
!
A source code patch exists which remedies this problem.
--- 193,199 ----
IPv6 type 0 route headers can be used to mount a DoS attack against
hosts and networks. This is a design flaw in IPv6 and not a bug in
OpenBSD.
!
A source code patch exists which remedies this problem.
***************
*** 210,216 ****
CVE-2007-1352,
CVE-2007-1667.
!
A source code patch exists which remedies this problem.
--- 210,216 ----
CVE-2007-1352,
CVE-2007-1667.
!
A source code patch exists which remedies this problem.
***************
*** 218,231 ****
003: RELIABILITY FIX: April 27, 2007 All architectures
Bugs found in the spamd sychronization mechanism could cause corrupted
databases.
!
A source code patch exists which remedies this problem.
--- 218,231 ----
003: RELIABILITY FIX: April 27, 2007 All architectures
Bugs found in the spamd sychronization mechanism could cause corrupted
databases.
!
A source code patch exists which remedies this problem.
***************
*** 238,244 ****
can be installed.
Use "block in inet6" in /etc/pf.conf
!
A source code patch exists which remedies this problem.
--- 238,244 ----
can be installed.
Use "block in inet6" in /etc/pf.conf
!
A source code patch exists which remedies this problem.
*************** *** 282,288 ****