===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata46.html,v
retrieving revision 1.44
retrieving revision 1.45
diff -c -r1.44 -r1.45
*** www/errata46.html 2016/08/15 02:22:06 1.44
--- www/errata46.html 2016/10/16 19:11:30 1.45
***************
*** 70,76 ****
--- 70,76 ----
***************
*** 92,98 ****
Insufficient protection of the trunk interface queues may cause
LACP trunks to fail under load.
!
A source code patch exists which remedies this problem.
--- 92,98 ----
Insufficient protection of the trunk interface queues may cause
LACP trunks to fail under load.
!
A source code patch exists which remedies this problem.
***************
*** 101,107 ****
All architectures
Incorrectly initialized state updates can cause pfsync update storms.
!
A source code patch exists which remedies this problem.
--- 101,107 ----
All architectures
Incorrectly initialized state updates can cause pfsync update storms.
!
A source code patch exists which remedies this problem.
***************
*** 111,117 ****
In TLS connections, certain incorrectly formatted records can cause
an OpenSSL client or server to crash due to a read attempt at NULL.
!
A source code patch exists which remedies this problem.
--- 111,117 ----
In TLS connections, certain incorrectly formatted records can cause
an OpenSSL client or server to crash due to a read attempt at NULL.
!
A source code patch exists which remedies this problem.
***************
*** 126,132 ****
leading to a denial of service when a resource limit is apparently
reached.
!
A source code patch exists which remedies this problem.
--- 126,132 ----
leading to a denial of service when a resource limit is apparently
reached.
!
A source code patch exists which remedies this problem.
***************
*** 137,143 ****
paranoid enough in checking for underruns, which could potentially
lead to crashes.
!
A source code patch exists which remedies this problem.
--- 137,143 ----
paranoid enough in checking for underruns, which could potentially
lead to crashes.
!
A source code patch exists which remedies this problem.
***************
*** 147,153 ****
Due to a null pointer dereference, it would be possible to crash ftpd when
handling glob(3)'ing requests. This is non-exploitable.
!
A source code patch exists which remedies this problem.
--- 147,153 ----
Due to a null pointer dereference, it would be possible to crash ftpd when
handling glob(3)'ing requests. This is non-exploitable.
!
A source code patch exists which remedies this problem.
***************
*** 157,163 ****
OpenSSL is susceptible to a buffer overflow due to a failure
to check for NULL returns from bn_wexpand function calls.
!
A source code patch exists which remedies this problem.
--- 157,163 ----
OpenSSL is susceptible to a buffer overflow due to a failure
to check for NULL returns from bn_wexpand function calls.
!
A source code patch exists which remedies this problem.
***************
*** 168,174 ****
could be created, violating assumptions in other parts of the kernel
and resulting in infinite loops.
!
A source code patch exists which remedies this problem.
--- 168,174 ----
could be created, violating assumptions in other parts of the kernel
and resulting in infinite loops.
!
A source code patch exists which remedies this problem.
***************
*** 180,186 ****
OpenSSL permitted this protocol feature by default and had no way to
disable it.
!
A source code patch exists which remedies this problem.
--- 180,186 ----
OpenSSL permitted this protocol feature by default and had no way to
disable it.
!
A source code patch exists which remedies this problem.
***************
*** 190,196 ****
getsockopt(2) with any of IP_AUTH_LEVEL, IP_ESP_TRANS_LEVEL, IP_ESP_NETWORK_LEVEL,
IP_IPCOMP_LEVEL will crash the system.
!
A source code patch exists which remedies this problem.
--- 190,196 ----
getsockopt(2) with any of IP_AUTH_LEVEL, IP_ESP_TRANS_LEVEL, IP_ESP_NETWORK_LEVEL,
IP_IPCOMP_LEVEL will crash the system.
!
A source code patch exists which remedies this problem.
***************
*** 199,205 ****
i386 only
XMM exceptions are not correctly handled resulting in a kernel panic.
!
A source code patch exists which remedies this problem.
--- 199,205 ----
i386 only
XMM exceptions are not correctly handled resulting in a kernel panic.
!
A source code patch exists which remedies this problem.
***************
*** 211,217 ****
An attacker could crash a server with a specially crafted dynamic update message to a
zone for which the server is master.
!
A source code patch exists which remedies this problem.
--- 211,217 ----
An attacker could crash a server with a specially crafted dynamic update message to a
zone for which the server is master.
!
A source code patch exists which remedies this problem.