===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata46.html,v
retrieving revision 1.28
retrieving revision 1.29
diff -u -r1.28 -r1.29
--- www/errata46.html	2014/03/31 03:12:47	1.28
+++ www/errata46.html	2014/03/31 16:02:48	1.29
@@ -77,7 +77,8 @@
 
 <ul>
 <li><a name="012_trunklacp"></a>
-<font color="#009000"><strong>012: RELIABILITY FIX: May 14, 2010</strong></font> &nbsp; <i>All architectures</i><br>
+<font color="#009000"><strong>012: RELIABILITY FIX: May 14, 2010</strong></font>
+&nbsp; <i>All architectures</i><br>
 Insufficient protection of the trunk interface queues may cause
 LACP trunks to fail under load.
 <br>
@@ -86,7 +87,8 @@
 <p>
 
 <li><a name="011_pfsync"></a>
-<font color="#009000"><strong>011: RELIABILITY FIX: May 14, 2010</strong></font> &nbsp; <i>All architectures</i><br>
+<font color="#009000"><strong>011: RELIABILITY FIX: May 14, 2010</strong></font>
+&nbsp; <i>All architectures</i><br>
 Incorrectly initialized state updates can cause pfsync update storms.
 <br>
 <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/4.6/common/011_pfsync.patch">
@@ -94,7 +96,8 @@
 <p>
 
 <li><a name="010_openssl"></a>
-<font color="#009000"><strong>010: SECURITY FIX: April 14, 2010</strong></font> &nbsp; <i>All architectures</i><br>
+<font color="#009000"><strong>010: SECURITY FIX: April 14, 2010</strong></font>
+&nbsp; <i>All architectures</i><br>
 In TLS connections, certain incorrectly formatted records can cause
 an OpenSSL client or server to crash due to a read attempt at NULL.
 <br>
@@ -103,7 +106,8 @@
 <p>
 
 <li><a name="009_mpi"></a>
-<font color="#009000"><strong>009: RELIABILITY FIX: April 4, 2010</strong></font> &nbsp; <i>All architectures</i><br>
+<font color="#009000"><strong>009: RELIABILITY FIX: April 4, 2010</strong></font>
+&nbsp; <i>All architectures</i><br>
 When updating sensors showing the state of RAID volumes
 <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=mpi&sektion=4">mpi(4)</a>
 allocates temporary memory and then returns it to the kernel as
@@ -117,7 +121,8 @@
 <p>
 
 <li><a name="008_kerberos"></a>
-<font color="#009000"><strong>008: RELIABILITY FIX: March 31, 2010</strong></font> &nbsp; <i>All architectures</i><br>
+<font color="#009000"><strong>008: RELIABILITY FIX: March 31, 2010</strong></font>
+&nbsp; <i>All architectures</i><br>
 When decrypting packets, the internal decryption functions were not
 paranoid enough in checking for underruns, which could potentially
 lead to crashes.
@@ -127,7 +132,8 @@
 <p>
 
 <li><a name="007_ftpd"></a>
-<font color="#009000"><strong>007: RELIABILITY FIX: March 12, 2010</strong></font> &nbsp; <i>All architectures</i><br>
+<font color="#009000"><strong>007: RELIABILITY FIX: March 12, 2010</strong></font>
+&nbsp; <i>All architectures</i><br>
 Due to a null pointer dereference, it would be possible to crash ftpd when
 handling glob(3)'ing requests. This is non-exploitable.
 <br>
@@ -136,7 +142,8 @@
 <p>
 
 <li><a name="006_openssl"></a>
-<font color="#009000"><strong>006: SECURITY FIX: March 12, 2010</strong></font> &nbsp; <i>All architectures</i><br>
+<font color="#009000"><strong>006: SECURITY FIX: March 12, 2010</strong></font>
+&nbsp; <i>All architectures</i><br>
 OpenSSL is susceptible to a buffer overflow due to a failure
 to check for NULL returns from bn_wexpand function calls.
 <br>
@@ -145,7 +152,8 @@
 <p>
 
 <li><a name="005_ptrace"></a>
-<font color="#009000"><strong>005: RELIABILITY FIX: January 29, 2010</strong></font> &nbsp; <i>All architectures</i><br>
+<font color="#009000"><strong>005: RELIABILITY FIX: January 29, 2010</strong></font>
+&nbsp; <i>All architectures</i><br>
 By using ptrace(2) on an ancestor process, a loop in the process tree
 could be created, violating assumptions in other parts of the kernel
 and resulting in infinite loops.
@@ -155,7 +163,8 @@
 <p>
 
 <li><a name="004_openssl"></a>
-<font color="#009000"><strong>004: SECURITY FIX: November 26, 2009</strong></font> &nbsp; <i>All architectures</i><br>
+<font color="#009000"><strong>004: SECURITY FIX: November 26, 2009</strong></font>
+&nbsp; <i>All architectures</i><br>
 The SSL/TLS protocol is subject to man-in-the-middle attacks related to
 renegotiation (see CVE-2009-3555, draft-ietf-tls-renegotiation-00).
 OpenSSL permitted this protocol feature by default and had no way to
@@ -166,7 +175,8 @@
 <p>
 
 <li><a name="003_getsockopt"></a>
-<font color="#009000"><strong>003: RELIABILITY FIX: October 28, 2009</strong></font> &nbsp; <i>All architectures</i><br>
+<font color="#009000"><strong>003: RELIABILITY FIX: October 28, 2009</strong></font>
+&nbsp; <i>All architectures</i><br>
 getsockopt(2) with any of IP_AUTH_LEVEL, IP_ESP_TRANS_LEVEL, IP_ESP_NETWORK_LEVEL,
 IP_IPCOMP_LEVEL will crash the system.
 <br>
@@ -175,7 +185,8 @@
 <p>
 
 <li><a name="002_xmm"></a>
-<font color="#009000"><strong>002: RELIABILITY FIX: October 05, 2009</strong></font> &nbsp; <i>i386 only</i><br>
+<font color="#009000"><strong>002: RELIABILITY FIX: October 05, 2009</strong></font>
+&nbsp; <i>i386 only</i><br>
 XMM exceptions are not correctly handled resulting in a kernel panic.
 <br>
 <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/4.6/i386/002_xmm.patch">
@@ -183,7 +194,8 @@
 <p>
 
 <li><a name="001_bind"></a>
-<font color="#009000"><strong>001: RELIABILITY FIX: July 29, 2009</strong></font> &nbsp; <i>All architectures</i><br>
+<font color="#009000"><strong>001: RELIABILITY FIX: July 29, 2009</strong></font>
+&nbsp; <i>All architectures</i><br>
 A vulnerability has been found in BIND's named server
 (<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0696">CVE-2009-0696</a>).
 An attacker could crash a server with a specially crafted dynamic update message to a