===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata42.html,v
retrieving revision 1.66
retrieving revision 1.67
diff -u -r1.66 -r1.67
--- www/errata42.html 2019/05/27 22:55:20 1.66
+++ www/errata42.html 2019/05/28 16:32:42 1.67
@@ -85,106 +85,60 @@
--
-015: SECURITY FIX: October 2, 2008
+
-
+001: SECURITY FIX: October 8, 2007
All architectures
-The Neighbor Discovery Protocol (ndp) did not correctly verify neighbor
-solicitation requests maybe allowing a nearby attacker to intercept traffic.
-The attacker must have IPv6 connectivity to the same router as their target for
-this vulnerability to be exploited.
-CVE-2008-2476.
+Malicious DHCP clients could cause dhcpd(8) to corrupt its stack
+A DHCP client that claimed to require a maximum message size less than
+the minimum IP MTU could cause dhcpd(8) to overwrite stack memory.
-
+
A source code patch exists which remedies this problem.
-
-
-
-014: RELIABILITY FIX: July 29, 2008
+
-
+002: SECURITY FIX: October 10, 2007
All architectures
-Some kinds of IPv6 usage would leak kernel memory (in particular, this path
-was exercised by the named(8) patch for port randomization). Since INET6 is
-enabled by default, this condition affects all systems.
-
-
+The SSL_get_shared_ciphers() function in OpenSSL contains an off-by-one overflow.
+
A source code patch exists which remedies this problem.
-
-
-013: SECURITY FIX: July 23, 2008
- All architectures
-2nd revision, July 23, 2008
-A vulnerability has been found with BIND. An attacker could use this vulnerability
-to poison the cache of a recursive resolving name server.
-CVE-2008-1447.
+ -
+003: CD BOOT FAILURE ON OLDER COMPUTERS : October 30, 2007
+ i386 only
+Some older BIOSes are unable to boot CD1 (ie. the commercial release sold
+by the project, not the CD images available on the net).
+A workaround using CD2 (amd64 architecture) is as follows.
+(An amd64 machine is NOT required for this to work.)
-
-A source code patch exists which remedies this problem.
-
-
-
-012: SECURITY FIX: July 15, 2008
- All architectures
-Multiple vulnerabilities have been discovered in X.Org.
-RENDER Extension heap buffer overflow,
-RENDER Extension crash,
-RENDER Extension memory corruption,
-MIT-SHM arbitrary memory read,
-RECORD and Security extensions memory corruption.
-CVE-2008-2360,
-CVE-2008-2361,
-CVE-2008-2362,
-CVE-2008-1379,
-CVE-2008-1377.
-
-
-A source code patch exists which remedies this problem.
+
+- Insert CD2 and tell your computer to boot it;
+ - When the
boot>
prompt appears, stop the automatic boot
+by pressing the space bar;
+ - Remove CD2 and insert CD1;
+ - Erase the character you typed to stop the boot, type
+boot /4.2/i386/bsd.rd
+then press Enter.
+
-
-
-011: SECURITY FIX: April 3, 2008
+
-
+004: RELIABILITY FIX: November 27, 2007
All architectures
-Avoid possible hijacking of X11-forwarded connections with sshd(8)
-by refusing to listen on a port unless all address families bind
-successfully.
-
+A memory leak in pf can lead to machine lockups.
+
A source code patch exists which remedies this problem.
-
-
-010: SECURITY FIX: March 30, 2008
+
-
+005: RELIABILITY FIX: January 11, 2008
All architectures
-sshd(8) would execute ~/.ssh/rc even when a sshd_config(5) ForceCommand
-directive was in effect, allowing users with write access to this file to
-execute arbitrary commands. This behaviour was documented, but was an unsafe
-default and an extra hassle for administrators.
-
+A missing NULL pointer check can lead to a kernel panic.
+
A source code patch exists which remedies this problem.
-
-
-009: SECURITY FIX: March 7, 2008
- All architectures
-Buffer overflow in ppp command prompt parsing.
-
-A source code patch exists which remedies this problem.
-
-
-
-
-008: RELIABILITY FIX: February 25, 2008
- All architectures
-Malformed IPv6 routing headers can cause a kernel panic.
-
-A source code patch exists which remedies this problem.
-
-
-
-
-007: RELIABILITY FIX: February 22, 2008
- All architectures
-Incorrect assumptions in tcp_respond can lead to a kernel panic.
-
-A source code patch exists which remedies this problem.
-
-
-
006: SECURITY FIX: February 8, 2008
All architectures
@@ -207,59 +161,105 @@
A source code patch exists which remedies this problem.
-
-
-005: RELIABILITY FIX: January 11, 2008
+
-
+007: RELIABILITY FIX: February 22, 2008
All architectures
-A missing NULL pointer check can lead to a kernel panic.
-
+Incorrect assumptions in tcp_respond can lead to a kernel panic.
+
A source code patch exists which remedies this problem.
-
-
-004: RELIABILITY FIX: November 27, 2007
+
-
+008: RELIABILITY FIX: February 25, 2008
All architectures
-A memory leak in pf can lead to machine lockups.
-
+Malformed IPv6 routing headers can cause a kernel panic.
+
A source code patch exists which remedies this problem.
-
-
-003: CD BOOT FAILURE ON OLDER COMPUTERS : October 30, 2007
- i386 only
-Some older BIOSes are unable to boot CD1 (ie. the commercial release sold
-by the project, not the CD images available on the net).
-A workaround using CD2 (amd64 architecture) is as follows.
-(An amd64 machine is NOT required for this to work.)
-
+ -
+009: SECURITY FIX: March 7, 2008
+ All architectures
+Buffer overflow in ppp command prompt parsing.
+
+A source code patch exists which remedies this problem.
+
-
-- Insert CD2 and tell your computer to boot it;
- - When the
boot>
prompt appears, stop the automatic boot
-by pressing the space bar;
- - Remove CD2 and insert CD1;
- - Erase the character you typed to stop the boot, type
-boot /4.2/i386/bsd.rd
-then press Enter.
-
+ -
+010: SECURITY FIX: March 30, 2008
+ All architectures
+sshd(8) would execute ~/.ssh/rc even when a sshd_config(5) ForceCommand
+directive was in effect, allowing users with write access to this file to
+execute arbitrary commands. This behaviour was documented, but was an unsafe
+default and an extra hassle for administrators.
+
+A source code patch exists which remedies this problem.
+
+
-
+011: SECURITY FIX: April 3, 2008
+ All architectures
+Avoid possible hijacking of X11-forwarded connections with sshd(8)
+by refusing to listen on a port unless all address families bind
+successfully.
+
+A source code patch exists which remedies this problem.
-
-
-002: SECURITY FIX: October 10, 2007
+
+
-
+012: SECURITY FIX: July 15, 2008
All architectures
-The SSL_get_shared_ciphers() function in OpenSSL contains an off-by-one overflow.
-
+Multiple vulnerabilities have been discovered in X.Org.
+RENDER Extension heap buffer overflow,
+RENDER Extension crash,
+RENDER Extension memory corruption,
+MIT-SHM arbitrary memory read,
+RECORD and Security extensions memory corruption.
+CVE-2008-2360,
+CVE-2008-2361,
+CVE-2008-2362,
+CVE-2008-1379,
+CVE-2008-1377.
+
+
A source code patch exists which remedies this problem.
-
-
-001: SECURITY FIX: October 8, 2007
+
-
+013: SECURITY FIX: July 23, 2008
All architectures
-Malicious DHCP clients could cause dhcpd(8) to corrupt its stack
-A DHCP client that claimed to require a maximum message size less than
-the minimum IP MTU could cause dhcpd(8) to overwrite stack memory.
+2nd revision, July 23, 2008
+A vulnerability has been found with BIND. An attacker could use this vulnerability
+to poison the cache of a recursive resolving name server.
+CVE-2008-1447.
-
+
+A source code patch exists which remedies this problem.
+
+
+
+
-
+014: RELIABILITY FIX: July 29, 2008
+ All architectures
+Some kinds of IPv6 usage would leak kernel memory (in particular, this path
+was exercised by the named(8) patch for port randomization). Since INET6 is
+enabled by default, this condition affects all systems.
+
+
+A source code patch exists which remedies this problem.
+
+
+
-
+015: SECURITY FIX: October 2, 2008
+ All architectures
+The Neighbor Discovery Protocol (ndp) did not correctly verify neighbor
+solicitation requests maybe allowing a nearby attacker to intercept traffic.
+The attacker must have IPv6 connectivity to the same router as their target for
+this vulnerability to be exploited.
+CVE-2008-2476.
+
+
A source code patch exists which remedies this problem.