===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata41.html,v
retrieving revision 1.56
retrieving revision 1.57
diff -c -r1.56 -r1.57
*** www/errata41.html 2017/03/28 04:04:52 1.56
--- www/errata41.html 2017/03/28 06:41:18 1.57
***************
*** 83,89 ****
! -
016: SECURITY FIX: April 3, 2008
All architectures
Avoid possible hijacking of X11-forwarded connections with sshd(8)
--- 83,89 ----
! -
016: SECURITY FIX: April 3, 2008
All architectures
Avoid possible hijacking of X11-forwarded connections with sshd(8)
***************
*** 93,99 ****
A source code patch exists which remedies this problem.
!
-
015: SECURITY FIX: March 30, 2008
All architectures
sshd(8) would execute ~/.ssh/rc even when a sshd_config(5) ForceCommand
--- 93,99 ----
A source code patch exists which remedies this problem.
!
-
015: SECURITY FIX: March 30, 2008
All architectures
sshd(8) would execute ~/.ssh/rc even when a sshd_config(5) ForceCommand
***************
*** 104,110 ****
A source code patch exists which remedies this problem.
!
-
014: SECURITY FIX: March 7, 2008
All architectures
Buffer overflow in ppp command prompt parsing.
--- 104,110 ----
A source code patch exists which remedies this problem.
!
-
014: SECURITY FIX: March 7, 2008
All architectures
Buffer overflow in ppp command prompt parsing.
***************
*** 112,118 ****
A source code patch exists which remedies this problem.
!
-
013: RELIABILITY FIX: February 22, 2008
All architectures
Incorrect assumptions in tcp_respond can lead to a kernel panic.
--- 112,118 ----
A source code patch exists which remedies this problem.
!
-
013: RELIABILITY FIX: February 22, 2008
All architectures
Incorrect assumptions in tcp_respond can lead to a kernel panic.
***************
*** 120,126 ****
A source code patch exists which remedies this problem.
!
-
012: SECURITY FIX: February 8, 2008
All architectures
2nd revision, February 10, 2008
--- 120,126 ----
A source code patch exists which remedies this problem.
!
-
012: SECURITY FIX: February 8, 2008
All architectures
2nd revision, February 10, 2008
***************
*** 142,148 ****
A source code patch exists which remedies this problem.
!
-
011: SECURITY FIX: October 10, 2007
All architectures
The SSL_get_shared_ciphers() function in OpenSSL contains an off-by-one overflow.
--- 142,148 ----
A source code patch exists which remedies this problem.
!
-
011: SECURITY FIX: October 10, 2007
All architectures
The SSL_get_shared_ciphers() function in OpenSSL contains an off-by-one overflow.
***************
*** 151,157 ****
A source code patch exists which remedies this problem.
!
-
010: SECURITY FIX: October 8, 2007
All architectures
Malicious DHCP clients could cause dhcpd(8) to corrupt its stack
--- 151,157 ----
A source code patch exists which remedies this problem.
!
-
010: SECURITY FIX: October 8, 2007
All architectures
Malicious DHCP clients could cause dhcpd(8) to corrupt its stack
***************
*** 162,168 ****
A source code patch exists which remedies this problem.
!
-
009: SECURITY FIX: July 9, 2007
All Architectures
Fix possible heap overflow in file(1), aka CVE-2007-1536.
--- 162,168 ----
A source code patch exists which remedies this problem.
!
-
009: SECURITY FIX: July 9, 2007
All Architectures
Fix possible heap overflow in file(1), aka CVE-2007-1536.
***************
*** 170,176 ****
A source code patch exists which remedies this problem.
!
-
008: STABILITY FIX: May 9, 2007
All Architectures
A malicious client can cause a division by zero.
--- 170,176 ----
A source code patch exists which remedies this problem.
!
-
008: STABILITY FIX: May 9, 2007
All Architectures
A malicious client can cause a division by zero.
***************
*** 178,184 ****
A source code patch exists which remedies this problem.
!
-
007: RELIABILITY FIX: April 30, 2007
All architectures
Link state is not correctly tracked in ospfd and ripd.
--- 178,184 ----
A source code patch exists which remedies this problem.
!
-
007: RELIABILITY FIX: April 30, 2007
All architectures
Link state is not correctly tracked in ospfd and ripd.
***************
*** 186,192 ****
A source code patch exists which remedies this problem.
!
-
006: STABILITY FIX: April 27, 2007
PowerPC
An unhandled AltiVec assist exception can cause a kernel panic.
--- 186,192 ----
A source code patch exists which remedies this problem.
!
-
006: STABILITY FIX: April 27, 2007
PowerPC
An unhandled AltiVec assist exception can cause a kernel panic.
***************
*** 194,200 ****
A source code patch exists which remedies this problem.
!
-
005: SECURITY FIX: April 27, 2007
All architectures
IPv6 type 0 route headers can be used to mount a DoS attack against
--- 194,200 ----
A source code patch exists which remedies this problem.
!
-
005: SECURITY FIX: April 27, 2007
All architectures
IPv6 type 0 route headers can be used to mount a DoS attack against
***************
*** 204,210 ****
A source code patch exists which remedies this problem.
!
-
004: SECURITY FIX: April 27, 2007
All architectures
Multiple vulnerabilities have been discovered in X.Org.
--- 204,210 ----
A source code patch exists which remedies this problem.
!
-
004: SECURITY FIX: April 27, 2007
All architectures
Multiple vulnerabilities have been discovered in X.Org.
***************
*** 222,228 ****
A source code patch exists which remedies this problem.
!
-
003: RELIABILITY FIX: April 27, 2007
All architectures
Bugs found in the spamd sychronization mechanism could cause corrupted
--- 222,228 ----
A source code patch exists which remedies this problem.
!
-
003: RELIABILITY FIX: April 27, 2007
All architectures
Bugs found in the spamd sychronization mechanism could cause corrupted
***************
*** 231,237 ****
A source code patch exists which remedies this problem.
!
-
002: STABILITY FIX: April 27, 2007
All architectures
Incorrect spl level can lead to panics under heavy kqueue usage.
--- 231,237 ----
A source code patch exists which remedies this problem.
!
-
002: STABILITY FIX: April 27, 2007
All architectures
Incorrect spl level can lead to panics under heavy kqueue usage.
***************
*** 239,250 ****
A source code patch exists which remedies this problem.
!
-
001: SECURITY FIX: April 27, 2007
All architectures
Incorrect mbuf handling for ICMP6 packets.
Using
! pf(4)
to avoid the problem packets is an effective workaround until the patch
can be installed.
Use "block in inet6" in /etc/pf.conf
--- 239,250 ----
A source code patch exists which remedies this problem.
!
-
001: SECURITY FIX: April 27, 2007
All architectures
Incorrect mbuf handling for ICMP6 packets.
Using
! pf(4)
to avoid the problem packets is an effective workaround until the patch
can be installed.
Use "block in inet6" in /etc/pf.conf