===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata42.html,v
retrieving revision 1.30
retrieving revision 1.31
diff -c -r1.30 -r1.31
*** www/errata42.html 2010/03/08 21:53:37 1.30
--- www/errata42.html 2010/07/08 19:00:07 1.31
***************
*** 54,60 ****
--- 96,102 ----
this vulnerability to be exploited.
CVE-2008-2476.
!
A source code patch exists which remedies this problem.
***************
*** 106,112 ****
was exercised by the named(8) patch for port randomization). Since INET6 is
enabled by default, this condition affects all systems.
!
A source code patch exists which remedies this problem.
--- 106,112 ----
was exercised by the named(8) patch for port randomization). Since INET6 is
enabled by default, this condition affects all systems.
!
A source code patch exists which remedies this problem.
***************
*** 117,123 ****
to poison the cache of a recursive resolving name server.
CVE-2008-1447.
!
A source code patch exists which remedies this problem.
--- 117,123 ----
to poison the cache of a recursive resolving name server.
CVE-2008-1447.
!
A source code patch exists which remedies this problem.
***************
*** 135,141 ****
CVE-2008-1379,
CVE-2008-1377.
!
A source code patch exists which remedies this problem.
--- 135,141 ----
CVE-2008-1379,
CVE-2008-1377.
!
A source code patch exists which remedies this problem.
***************
*** 144,150 ****
Avoid possible hijacking of X11-forwarded connections with sshd(8)
by refusing to listen on a port unless all address families bind
successfully.
!
A source code patch exists which remedies this problem.
--- 144,150 ----
Avoid possible hijacking of X11-forwarded connections with sshd(8)
by refusing to listen on a port unless all address families bind
successfully.
!
A source code patch exists which remedies this problem.
***************
*** 154,181 ****
directive was in effect, allowing users with write access to this file to
execute arbitrary commands. This behaviour was documented, but was an unsafe
default and an extra hassle for administrators.
!
A source code patch exists which remedies this problem.
--- 154,181 ----
directive was in effect, allowing users with write access to this file to
execute arbitrary commands. This behaviour was documented, but was an unsafe
default and an extra hassle for administrators.
!
A source code patch exists which remedies this problem.
***************
*** 196,216 ****
CVE-2007-6429,
CVE-2008-0006.
!
A source code patch exists which remedies this problem.
--- 196,216 ----
CVE-2007-6429,
CVE-2008-0006.
!
A source code patch exists which remedies this problem.
*************** *** 237,243 ****
--- 237,243 ----
***************
*** 247,253 ****
A DHCP client that claimed to require a maximum message size less than
the minimum IP MTU could cause dhcpd(8) to overwrite stack memory.
!
A source code patch exists which remedies this problem.
--- 247,253 ----
A DHCP client that claimed to require a maximum message size less than
the minimum IP MTU could cause dhcpd(8) to overwrite stack memory.
!
A source code patch exists which remedies this problem.
*************** *** 290,296 ****