=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/errata42.html,v retrieving revision 1.57 retrieving revision 1.58 diff -c -r1.57 -r1.58 *** www/errata42.html 2016/08/15 02:22:06 1.57 --- www/errata42.html 2016/10/16 19:11:29 1.58 *************** *** 70,76 ****
! You can also fetch a tar.gz file containing all the following patches. This file is updated once a day.

--- 70,76 ----

! You can also fetch a tar.gz file containing all the following patches. This file is updated once a day.

*************** *** 96,102 **** this vulnerability to be exploited. CVE-2008-2476.
! A source code patch exists which remedies this problem.

--- 96,102 ---- this vulnerability to be exploited. CVE-2008-2476.
! A source code patch exists which remedies this problem.

*************** *** 107,113 **** was exercised by the named(8) patch for port randomization). Since INET6 is enabled by default, this condition affects all systems.
! A source code patch exists which remedies this problem.

--- 107,113 ---- was exercised by the named(8) patch for port randomization). Since INET6 is enabled by default, this condition affects all systems.
! A source code patch exists which remedies this problem.

*************** *** 119,125 **** to poison the cache of a recursive resolving name server. CVE-2008-1447.
! A source code patch exists which remedies this problem.

--- 119,125 ---- to poison the cache of a recursive resolving name server. CVE-2008-1447.
! A source code patch exists which remedies this problem.

*************** *** 138,144 **** CVE-2008-1379, CVE-2008-1377.
! A source code patch exists which remedies this problem.

--- 138,144 ---- CVE-2008-1379, CVE-2008-1377.
! A source code patch exists which remedies this problem.

*************** *** 148,154 **** Avoid possible hijacking of X11-forwarded connections with sshd(8) by refusing to listen on a port unless all address families bind successfully.
! A source code patch exists which remedies this problem.

--- 148,154 ---- Avoid possible hijacking of X11-forwarded connections with sshd(8) by refusing to listen on a port unless all address families bind successfully.
! A source code patch exists which remedies this problem.

*************** *** 159,165 **** directive was in effect, allowing users with write access to this file to execute arbitrary commands. This behaviour was documented, but was an unsafe default and an extra hassle for administrators.
! A source code patch exists which remedies this problem.

--- 159,165 ---- directive was in effect, allowing users with write access to this file to execute arbitrary commands. This behaviour was documented, but was an unsafe default and an extra hassle for administrators.
! A source code patch exists which remedies this problem.

*************** *** 167,173 **** 009: SECURITY FIX: March 7, 2008   All architectures
Buffer overflow in ppp command prompt parsing.
! A source code patch exists which remedies this problem.

--- 167,173 ---- 009: SECURITY FIX: March 7, 2008   All architectures
Buffer overflow in ppp command prompt parsing.
! A source code patch exists which remedies this problem.

*************** *** 175,181 **** 008: RELIABILITY FIX: February 25, 2008   All architectures
Malformed IPv6 routing headers can cause a kernel panic.
! A source code patch exists which remedies this problem.

--- 175,181 ---- 008: RELIABILITY FIX: February 25, 2008   All architectures
Malformed IPv6 routing headers can cause a kernel panic.
! A source code patch exists which remedies this problem.

*************** *** 183,189 **** 007: RELIABILITY FIX: February 22, 2008   All architectures
Incorrect assumptions in tcp_respond can lead to a kernel panic.
! A source code patch exists which remedies this problem.

--- 183,189 ---- 007: RELIABILITY FIX: February 22, 2008   All architectures
Incorrect assumptions in tcp_respond can lead to a kernel panic.
! A source code patch exists which remedies this problem.

*************** *** 205,211 **** CVE-2007-6429, CVE-2008-0006.
! A source code patch exists which remedies this problem.

--- 205,211 ---- CVE-2007-6429, CVE-2008-0006.
! A source code patch exists which remedies this problem.

*************** *** 213,219 **** 005: RELIABILITY FIX: January 11, 2008   All architectures
A missing NULL pointer check can lead to a kernel panic.
! A source code patch exists which remedies this problem.

--- 213,219 ---- 005: RELIABILITY FIX: January 11, 2008   All architectures
A missing NULL pointer check can lead to a kernel panic.
! A source code patch exists which remedies this problem.

*************** *** 221,227 **** 004: RELIABILITY FIX: November 27, 2007   All architectures
A memory leak in pf can lead to machine lockups.
! A source code patch exists which remedies this problem.

--- 221,227 ---- 004: RELIABILITY FIX: November 27, 2007   All architectures
A memory leak in pf can lead to machine lockups.
! A source code patch exists which remedies this problem.

*************** *** 250,256 **** 002: SECURITY FIX: October 10, 2007   All architectures
The SSL_get_shared_ciphers() function in OpenSSL contains an off-by-one overflow.
! A source code patch exists which remedies this problem.

--- 250,256 ---- 002: SECURITY FIX: October 10, 2007   All architectures
The SSL_get_shared_ciphers() function in OpenSSL contains an off-by-one overflow.
! A source code patch exists which remedies this problem.

*************** *** 261,267 **** A DHCP client that claimed to require a maximum message size less than the minimum IP MTU could cause dhcpd(8) to overwrite stack memory.
! A source code patch exists which remedies this problem.

--- 261,267 ---- A DHCP client that claimed to require a maximum message size less than the minimum IP MTU could cause dhcpd(8) to overwrite stack memory.
! A source code patch exists which remedies this problem.