===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata47.html,v
retrieving revision 1.33
retrieving revision 1.34
diff -c -r1.33 -r1.34
*** www/errata47.html 2014/10/02 14:34:45 1.33
--- www/errata47.html 2015/02/14 04:36:51 1.34
***************
*** 81,87 ****
! -
013: SECURITY FIX: February 16, 2011
Little-endian architectures
PF rules specifying address ranges (e.g. "10.1.1.1 - 10.1.1.5") were
--- 81,87 ----
! -
013: SECURITY FIX: February 16, 2011
Little-endian architectures
PF rules specifying address ranges (e.g. "10.1.1.1 - 10.1.1.5") were
***************
*** 93,99 ****
A source code patch exists which remedies this problem.
!
-
012: SECURITY FIX: February 11, 2011
All architectures
An incorrectly formatted ClientHello handshake message could cause
--- 93,99 ----
A source code patch exists which remedies this problem.
!
-
012: SECURITY FIX: February 11, 2011
All architectures
An incorrectly formatted ClientHello handshake message could cause
***************
*** 111,117 ****
A source code patch exists which remedies this problem.
!
-
011: RELIABILITY FIX: January 13, 2011
All architectures
sp_protocol in RTM_DELETE messages could contain garbage values
--- 111,117 ----
A source code patch exists which remedies this problem.
!
-
011: RELIABILITY FIX: January 13, 2011
All architectures
sp_protocol in RTM_DELETE messages could contain garbage values
***************
*** 122,128 ****
A source code patch exists which remedies this problem.
!
-
010: RELIABILITY FIX: December 20, 2010
All architectures
Bring CBC oracle attack countermeasures to hardware crypto accelerator land.
--- 122,128 ----
A source code patch exists which remedies this problem.
!
-
010: RELIABILITY FIX: December 20, 2010
All architectures
Bring CBC oracle attack countermeasures to hardware crypto accelerator land.
***************
*** 139,145 ****
!
-
009: SECURITY FIX: December 17, 2010
All architectures
Insufficent initialization of the pf rule structure in the ioctl
--- 139,145 ----
!
-
009: SECURITY FIX: December 17, 2010
All architectures
Insufficent initialization of the pf rule structure in the ioctl
***************
*** 150,156 ****
A source code patch exists which remedies this problem.
!
-
008: RELIABILITY FIX: November 17, 2010
All architectures
Fix a flaw in the OpenSSL TLS server extension code parsing which could lead to
--- 150,156 ----
A source code patch exists which remedies this problem.
!
-
008: RELIABILITY FIX: November 17, 2010
All architectures
Fix a flaw in the OpenSSL TLS server extension code parsing which could lead to
***************
*** 162,168 ****
A source code patch exists which remedies this problem.
!
-
007: RELIABILITY FIX: September 14, 2010
All architectures
Avoid calling scsi_done() more than once in gdt(4). Fixes a kernel panic triggered by syncing disks during shut down.
--- 162,168 ----
A source code patch exists which remedies this problem.
!
-
007: RELIABILITY FIX: September 14, 2010
All architectures
Avoid calling scsi_done() more than once in gdt(4). Fixes a kernel panic triggered by syncing disks during shut down.
***************
*** 172,178 ****
A source code patch exists which remedies this problem.
!
-
006: RELIABILITY FIX: July 8, 2010
All architectures
Restore an unusual XS_SENSE semantic. Fixes dump(8)/restore(8) problems seen on certain tape drives.
--- 172,178 ----
A source code patch exists which remedies this problem.
!
-
006: RELIABILITY FIX: July 8, 2010
All architectures
Restore an unusual XS_SENSE semantic. Fixes dump(8)/restore(8) problems seen on certain tape drives.
***************
*** 181,187 ****
A source code patch exists which remedies this problem.
!
-
005: RELIABILITY FIX: May 14, 2010
All architectures
Incorrectly initialized state updates can cause pfsync update storms.
--- 181,187 ----
A source code patch exists which remedies this problem.
!
-
005: RELIABILITY FIX: May 14, 2010
All architectures
Incorrectly initialized state updates can cause pfsync update storms.
***************
*** 190,196 ****
A source code patch exists which remedies this problem.
!
-
004: SECURITY FIX: April 23, 2010
All architectures
The combination of pfsync and IPSEC may crash the kernel.
--- 190,196 ----
A source code patch exists which remedies this problem.
!
-
004: SECURITY FIX: April 23, 2010
All architectures
The combination of pfsync and IPSEC may crash the kernel.
***************
*** 198,204 ****
A source code patch exists which remedies this problem.
!
-
003: SECURITY FIX: April 14, 2010
All architectures
In TLS connections, certain incorrectly formatted records can cause
--- 198,204 ----
A source code patch exists which remedies this problem.
!
-
003: SECURITY FIX: April 14, 2010
All architectures
In TLS connections, certain incorrectly formatted records can cause
***************
*** 208,214 ****
A source code patch exists which remedies this problem.
!
-
002: RELIABILITY FIX: April 4, 2010
All architectures
When updating sensors showing the state of RAID volumes
--- 208,214 ----
A source code patch exists which remedies this problem.
!
-
002: RELIABILITY FIX: April 4, 2010
All architectures
When updating sensors showing the state of RAID volumes
***************
*** 223,229 ****
A source code patch exists which remedies this problem.
!
-
001: RELIABILITY FIX: March 31, 2010
All architectures
When decrypting packets, the internal decryption functions were not
--- 223,229 ----
A source code patch exists which remedies this problem.
!
-
001: RELIABILITY FIX: March 31, 2010
All architectures
When decrypting packets, the internal decryption functions were not