=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/errata45.html,v retrieving revision 1.36 retrieving revision 1.37 diff -c -r1.36 -r1.37 *** www/errata45.html 2014/03/31 03:12:47 1.36 --- www/errata45.html 2014/03/31 16:02:48 1.37 *************** *** 77,83 ****

! 016: SECURITY FIX: April 14, 2010 All architectures
In TLS connections, certain incorrectly formatted records can cause an OpenSSL client or server to crash due to a read attempt at NULL.
--- 77,84 ----
- ! 016: SECURITY FIX: April 14, 2010 ! All architectures
  In TLS connections, certain incorrectly formatted records can cause an OpenSSL client or server to crash due to a read attempt at NULL.
  *************** *** 86,92 ****
- ! 015: RELIABILITY FIX: April 4, 2010 All architectures
  When updating sensors showing the state of RAID volumes mpi(4) allocates temporary memory and then returns it to the kernel as --- 87,94 ----
- ! 015: RELIABILITY FIX: April 4, 2010 ! All architectures
  When updating sensors showing the state of RAID volumes mpi(4) allocates temporary memory and then returns it to the kernel as *************** *** 100,106 ****
- ! 014: RELIABILITY FIX: March 31, 2010 All architectures
  When decrypting packets, the internal decryption functions were not paranoid enough in checking for underruns, which could potentially lead to crashes. --- 102,109 ----
- ! 014: RELIABILITY FIX: March 31, 2010 ! All architectures
  When decrypting packets, the internal decryption functions were not paranoid enough in checking for underruns, which could potentially lead to crashes. *************** *** 110,116 ****
- ! 013: RELIABILITY FIX: March 12, 2010 All architectures
  Due to a null pointer dereference, it would be possible to crash ftpd when handling glob(3)'ing requests. This is non-exploitable.
  --- 113,120 ----
- ! 013: RELIABILITY FIX: March 12, 2010 ! All architectures
  Due to a null pointer dereference, it would be possible to crash ftpd when handling glob(3)'ing requests. This is non-exploitable.
  *************** *** 119,125 ****
- ! 012: SECURITY FIX: March 12, 2010 All architectures
  OpenSSL is susceptible to a buffer overflow due to a failure to check for NULL returns from bn_wexpand function calls.
  --- 123,130 ----
- ! 012: SECURITY FIX: March 12, 2010 ! All architectures
  OpenSSL is susceptible to a buffer overflow due to a failure to check for NULL returns from bn_wexpand function calls.
  *************** *** 128,134 ****
- ! 011: RELIABILITY FIX: January 29, 2010 All architectures
  By using ptrace(2) on an ancestor process, a loop in the process tree could be created, violating assumptions in other parts of the kernel and resulting in infinite loops. --- 133,140 ----
- ! 011: RELIABILITY FIX: January 29, 2010 ! All architectures
  By using ptrace(2) on an ancestor process, a loop in the process tree could be created, violating assumptions in other parts of the kernel and resulting in infinite loops. *************** *** 138,144 ****
- ! 010: SECURITY FIX: November 26, 2009 All architectures
  The SSL/TLS protocol is subject to man-in-the-middle attacks related to renegotiation (see CVE-2009-3555, draft-ietf-tls-renegotiation-00). OpenSSL permitted this protocol feature by default and had no way to --- 144,151 ----
- ! 010: SECURITY FIX: November 26, 2009 ! All architectures
  The SSL/TLS protocol is subject to man-in-the-middle attacks related to renegotiation (see CVE-2009-3555, draft-ietf-tls-renegotiation-00). OpenSSL permitted this protocol feature by default and had no way to *************** *** 149,155 ****
- ! 009: RELIABILITY FIX: October 28, 2009 All architectures
  getsockopt(2) with any of IP_AUTH_LEVEL, IP_ESP_TRANS_LEVEL, IP_ESP_NETWORK_LEVEL, IP_IPCOMP_LEVEL will crash the system.
  --- 156,163 ----
- ! 009: RELIABILITY FIX: October 28, 2009 ! All architectures
  getsockopt(2) with any of IP_AUTH_LEVEL, IP_ESP_TRANS_LEVEL, IP_ESP_NETWORK_LEVEL, IP_IPCOMP_LEVEL will crash the system.
  *************** *** 158,164 ****
- ! 008: RELIABILITY FIX: October 05, 2009 i386 only
  XMM exceptions are not correctly handled resulting in a kernel panic.
  --- 166,173 ----
- ! 008: RELIABILITY FIX: October 05, 2009 ! i386 only
  XMM exceptions are not correctly handled resulting in a kernel panic.
  *************** *** 166,172 ****
- ! 007: RELIABILITY FIX: July 29, 2009 All architectures
  A vulnerability has been found in BIND's named server (CVE-2009-0696). An attacker could crash a server with a specially crafted dynamic update message to a --- 175,182 ----
- ! 007: RELIABILITY FIX: July 29, 2009 ! All architectures
  A vulnerability has been found in BIND's named server (CVE-2009-0696). An attacker could crash a server with a specially crafted dynamic update message to a *************** *** 177,183 ****
- ! 006: RELIABILITY FIX: June 24, 2009 All architectures
  An off-by-one error in the inflate function in Zlib.xs in the Compress::Raw::Zlib perl module before 2.017 (CVE-2009-1391), as used in AMaViS, SpamAssassin, and possibly other products, --- 187,194 ----
- ! 006: RELIABILITY FIX: June 24, 2009 ! All architectures
  An off-by-one error in the inflate function in Zlib.xs in the Compress::Raw::Zlib perl module before 2.017 (CVE-2009-1391), as used in AMaViS, SpamAssassin, and possibly other products, *************** *** 191,197 ****
- ! 005: RELIABILITY FIX: April 24, 2009 All architectures
  On very high system load, an audio interrupt may occur while the audio process is filling audio ring buffers. This triggers bogus (and useless) correction code in the --- 202,209 ----
- ! 005: RELIABILITY FIX: April 24, 2009 ! All architectures
  On very high system load, an audio interrupt may occur while the audio process is filling audio ring buffers. This triggers bogus (and useless) correction code in the *************** *** 204,210 ****
- ! 004: RELIABILITY FIX: April 24, 2009 All architectures
  In server mode when in full-duplex mode (the default) aucat(1) will send each synchronization message twice, causing client applications --- 216,223 ----
- ! 004: RELIABILITY FIX: April 24, 2009 ! All architectures
  In server mode when in full-duplex mode (the default) aucat(1) will send each synchronization message twice, causing client applications *************** *** 216,222 ****
- ! 003: RELIABILITY FIX: April 24, 2009 i386 only
  When DMA'able memory is mapped by device drivers, the mapping flags and protection are partially uninitialized. Depending on the calling context, this may cause devices to misbehave, like --- 229,236 ----
- ! 003: RELIABILITY FIX: April 24, 2009 ! i386 only
  When DMA'able memory is mapped by device drivers, the mapping flags and protection are partially uninitialized. Depending on the calling context, this may cause devices to misbehave, like *************** *** 229,235 ****
- ! 002: RELIABILITY FIX: April 11, 2009 All architectures
  When pf attempts to perform translation on a specially crafted IP datagram, a null pointer dereference will occur, resulting in a kernel panic. In certain configurations this may be triggered by a remote attacker. --- 243,250 ----
- ! 002: RELIABILITY FIX: April 11, 2009 ! All architectures
  When pf attempts to perform translation on a specially crafted IP datagram, a null pointer dereference will occur, resulting in a kernel panic. In certain configurations this may be triggered by a remote attacker. *************** *** 249,255 ****
- ! 001: RELIABILITY FIX: April 8, 2009 All architectures
  The OpenSSL ASN.1 handling code could be forced to perform invalid memory accesses through the use of certain invalid strings (CVE-2009-0590) --- 264,271 ----
- ! 001: RELIABILITY FIX: April 8, 2009 ! All architectures
  The OpenSSL ASN.1 handling code could be forced to perform invalid memory accesses through the use of certain invalid strings (CVE-2009-0590)