===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata42.html,v
retrieving revision 1.46
retrieving revision 1.47
diff -c -r1.46 -r1.47
*** www/errata42.html	2014/10/02 14:34:45	1.46
--- www/errata42.html	2015/02/14 04:36:51	1.47
***************
*** 82,88 ****
  
  <ul>
  
! <li><a name="015_ndp"></a>
  <font color="#009000"><strong>015: SECURITY FIX: October 2, 2008</strong></font>
  &nbsp; <i>All architectures</i><br>
  The Neighbor Discovery Protocol (ndp) did not correctly verify neighbor
--- 82,88 ----
  
  <ul>
  
! <li id="015_ndp">
  <font color="#009000"><strong>015: SECURITY FIX: October 2, 2008</strong></font>
  &nbsp; <i>All architectures</i><br>
  The Neighbor Discovery Protocol (ndp) did not correctly verify neighbor
***************
*** 95,101 ****
  A source code patch exists which remedies this problem.</a>
  <p>
  
! <li><a name="014_pcb"></a>
  <font color="#009000"><strong>014: RELIABILITY FIX: July 29, 2008</strong></font>
  &nbsp; <i>All architectures</i><br>
  Some kinds of IPv6 usage would leak kernel memory (in particular, this path
--- 95,101 ----
  A source code patch exists which remedies this problem.</a>
  <p>
  
! <li id="014_pcb">
  <font color="#009000"><strong>014: RELIABILITY FIX: July 29, 2008</strong></font>
  &nbsp; <i>All architectures</i><br>
  Some kinds of IPv6 usage would leak kernel memory (in particular, this path
***************
*** 106,112 ****
  A source code patch exists which remedies this problem.</a>
  <p>
  
! <li><a name="013_bind"></a>
  <font color="#009000"><strong>013: SECURITY FIX: July 23, 2008</strong></font>
  &nbsp; <i>All architectures</i><br>
  <strong>2nd revision, July 23, 2008</strong><br>
--- 106,112 ----
  A source code patch exists which remedies this problem.</a>
  <p>
  
! <li id="013_bind">
  <font color="#009000"><strong>013: SECURITY FIX: July 23, 2008</strong></font>
  &nbsp; <i>All architectures</i><br>
  <strong>2nd revision, July 23, 2008</strong><br>
***************
*** 118,124 ****
  A source code patch exists which remedies this problem.</a>
  <p>
  
! <li><a name="012_xorg2"></a>
  <font color="#009000"><strong>012: SECURITY FIX: July 15, 2008</strong></font>
  &nbsp; <i>All architectures</i><br>
  Multiple vulnerabilities have been discovered in X.Org.<br>
--- 118,124 ----
  A source code patch exists which remedies this problem.</a>
  <p>
  
! <li id="012_xorg2">
  <font color="#009000"><strong>012: SECURITY FIX: July 15, 2008</strong></font>
  &nbsp; <i>All architectures</i><br>
  Multiple vulnerabilities have been discovered in X.Org.<br>
***************
*** 137,143 ****
  A source code patch exists which remedies this problem.</a>
  <p>
  
! <li><a name="011_openssh2"></a>
  <font color="#009000"><strong>011: SECURITY FIX: April 3, 2008</strong></font>
  &nbsp; <i>All architectures</i><br>
  Avoid possible hijacking of X11-forwarded connections with sshd(8)
--- 137,143 ----
  A source code patch exists which remedies this problem.</a>
  <p>
  
! <li id="011_openssh2">
  <font color="#009000"><strong>011: SECURITY FIX: April 3, 2008</strong></font>
  &nbsp; <i>All architectures</i><br>
  Avoid possible hijacking of X11-forwarded connections with sshd(8)
***************
*** 147,153 ****
  A source code patch exists which remedies this problem.</a>
  <p>
  
! <li><a name="010_openssh"></a>
  <font color="#009000"><strong>010: SECURITY FIX: March 30, 2008</strong></font>
  &nbsp; <i>All architectures</i><br>
  sshd(8) would execute ~/.ssh/rc even when a sshd_config(5) <em>ForceCommand</em>
--- 147,153 ----
  A source code patch exists which remedies this problem.</a>
  <p>
  
! <li id="010_openssh">
  <font color="#009000"><strong>010: SECURITY FIX: March 30, 2008</strong></font>
  &nbsp; <i>All architectures</i><br>
  sshd(8) would execute ~/.ssh/rc even when a sshd_config(5) <em>ForceCommand</em>
***************
*** 158,164 ****
  A source code patch exists which remedies this problem.</a>
  <p>
  
! <li><a name="009_ppp"></a>
  <font color="#009000"><strong>009: SECURITY FIX: March 7, 2008</strong></font>
  &nbsp; <i>All architectures</i><br>
  Buffer overflow in ppp command prompt parsing.<br>
--- 158,164 ----
  A source code patch exists which remedies this problem.</a>
  <p>
  
! <li id="009_ppp">
  <font color="#009000"><strong>009: SECURITY FIX: March 7, 2008</strong></font>
  &nbsp; <i>All architectures</i><br>
  Buffer overflow in ppp command prompt parsing.<br>
***************
*** 166,172 ****
  A source code patch exists which remedies this problem.</a>
  <p>
  
! <li><a name="008_ip6rthdr"></a>
  <font color="#009000"><strong>008: RELIABILITY FIX: February 25, 2008</strong></font>
  &nbsp; <i>All architectures</i><br>
  Malformed IPv6 routing headers can cause a kernel panic.<br>
--- 166,172 ----
  A source code patch exists which remedies this problem.</a>
  <p>
  
! <li id="008_ip6rthdr">
  <font color="#009000"><strong>008: RELIABILITY FIX: February 25, 2008</strong></font>
  &nbsp; <i>All architectures</i><br>
  Malformed IPv6 routing headers can cause a kernel panic.<br>
***************
*** 174,180 ****
  A source code patch exists which remedies this problem.</a>
  <p>
  
! <li><a name="007_tcprespond"></a>
  <font color="#009000"><strong>007: RELIABILITY FIX: February 22, 2008</strong></font>
  &nbsp; <i>All architectures</i><br>
  Incorrect assumptions in tcp_respond can lead to a kernel panic.<br>
--- 174,180 ----
  A source code patch exists which remedies this problem.</a>
  <p>
  
! <li id="007_tcprespond">
  <font color="#009000"><strong>007: RELIABILITY FIX: February 22, 2008</strong></font>
  &nbsp; <i>All architectures</i><br>
  Incorrect assumptions in tcp_respond can lead to a kernel panic.<br>
***************
*** 182,188 ****
  A source code patch exists which remedies this problem.</a>
  <p>
  
! <li><a name="006_xorg"></a>
  <font color="#009000"><strong>006: SECURITY FIX: February 8, 2008</strong></font>
  &nbsp; <i>All architectures</i><br>
  <strong>2nd revision, February 10, 2008</strong><br>
--- 182,188 ----
  A source code patch exists which remedies this problem.</a>
  <p>
  
! <li id="006_xorg">
  <font color="#009000"><strong>006: SECURITY FIX: February 8, 2008</strong></font>
  &nbsp; <i>All architectures</i><br>
  <strong>2nd revision, February 10, 2008</strong><br>
***************
*** 204,210 ****
  A source code patch exists which remedies this problem.</a>
  <p>
  
! <li><a name="005_ifrtlabel"></a>
  <font color="#009000"><strong>005: RELIABILITY FIX: January 11, 2008</strong></font>
  &nbsp; <i>All architectures</i><br>
  A missing NULL pointer check can lead to a kernel panic.<br>
--- 204,210 ----
  A source code patch exists which remedies this problem.</a>
  <p>
  
! <li id="005_ifrtlabel">
  <font color="#009000"><strong>005: RELIABILITY FIX: January 11, 2008</strong></font>
  &nbsp; <i>All architectures</i><br>
  A missing NULL pointer check can lead to a kernel panic.<br>
***************
*** 212,218 ****
  A source code patch exists which remedies this problem.</a>
  <p>
  
! <li><a name="004_pf"></a>
  <font color="#009000"><strong>004: RELIABILITY FIX: November 27, 2007</strong></font>
  &nbsp; <i>All architectures</i><br>
  A memory leak in pf can lead to machine lockups.<br>
--- 212,218 ----
  A source code patch exists which remedies this problem.</a>
  <p>
  
! <li id="004_pf">
  <font color="#009000"><strong>004: RELIABILITY FIX: November 27, 2007</strong></font>
  &nbsp; <i>All architectures</i><br>
  A memory leak in pf can lead to machine lockups.<br>
***************
*** 220,226 ****
  A source code patch exists which remedies this problem.</a>
  <p>
  
! <li><a name="003_i386_boot"></a>
  <font color="#009000"><strong>003: CD BOOT FAILURE ON OLDER COMPUTERS : October 30, 2007</strong></font>
  &nbsp; <i>i386 only</i><br>
  Some older BIOSes are unable to boot CD1 (ie. the commercial release sold
--- 220,226 ----
  A source code patch exists which remedies this problem.</a>
  <p>
  
! <li id="003_i386_boot">
  <font color="#009000"><strong>003: CD BOOT FAILURE ON OLDER COMPUTERS : October 30, 2007</strong></font>
  &nbsp; <i>i386 only</i><br>
  Some older BIOSes are unable to boot CD1 (ie. the commercial release sold
***************
*** 241,247 ****
  
  <p>
  
! <li><a name="002_openssl"></a>
  <font color="#009000"><strong>002: SECURITY FIX: October 10, 2007</strong></font>
  &nbsp; <i>All architectures</i><br>
  The SSL_get_shared_ciphers() function in OpenSSL contains an off-by-one overflow.<br>
--- 241,247 ----
  
  <p>
  
! <li id="002_openssl">
  <font color="#009000"><strong>002: SECURITY FIX: October 10, 2007</strong></font>
  &nbsp; <i>All architectures</i><br>
  The SSL_get_shared_ciphers() function in OpenSSL contains an off-by-one overflow.<br>
***************
*** 249,255 ****
  A source code patch exists which remedies this problem.</a>
  <p>
  
! <li><a name="001_dhcpd"></a>
  <font color="#009000"><strong>001: SECURITY FIX: October 8, 2007</strong></font>
  &nbsp; <i>All architectures</i><br>
  Malicious DHCP clients could cause dhcpd(8) to corrupt its stack<br>
--- 249,255 ----
  A source code patch exists which remedies this problem.</a>
  <p>
  
! <li id="001_dhcpd">
  <font color="#009000"><strong>001: SECURITY FIX: October 8, 2007</strong></font>
  &nbsp; <i>All architectures</i><br>
  Malicious DHCP clients could cause dhcpd(8) to corrupt its stack<br>