===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata48.html,v
retrieving revision 1.17
retrieving revision 1.18
diff -u -r1.17 -r1.18
--- www/errata48.html	2014/03/31 03:12:47	1.17
+++ www/errata48.html	2014/03/31 16:02:48	1.18
@@ -77,7 +77,8 @@
 
 <ul>
 <li><a name="010_sis"></a>
-<font color="#009000"><strong>010: RELIABILITY FIX: February 16, 2011</strong></font> &nbsp; <i>All architectures</i><br>
+<font color="#009000"><strong>010: RELIABILITY FIX: February 16, 2011</strong></font>
+&nbsp; <i>All architectures</i><br>
 The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sis&sektion=4">sis(4)</a>
 driver may hand over stale ring descriptors to the hardware if the compiler decides
 to re-order stores or if the hardware does store-reordering.
@@ -87,7 +88,8 @@
 <p>
 
 <li><a name="009_pf"></a>
-<font color="#009000"><strong>009: SECURITY FIX: February 16, 2011</strong></font> &nbsp; <i>Little-endian
+<font color="#009000"><strong>009: SECURITY FIX: February 16, 2011</strong></font>
+&nbsp; <i>Little-endian
  architectures</i><br>
 PF rules specifying address ranges (e.g. "10.1.1.1 - 10.1.1.5") were
 not correctly handled on little-endian systems (alpha, amd64, arm, i386,
@@ -99,7 +101,8 @@
 <p>
 
 <li><a name="008_openssl"></a>
-<font color="#009000"><strong>008: SECURITY FIX: February 11, 2011</strong></font> &nbsp; <i>All architectures</i><br>
+<font color="#009000"><strong>008: SECURITY FIX: February 11, 2011</strong></font>
+&nbsp; <i>All architectures</i><br>
 An incorrectly formatted ClientHello handshake message could cause
 OpenSSL to parse past the end of the message.  An attacker could use this flaw
 to trigger an invalid memory access, causing a crash of an application linked
@@ -116,7 +119,8 @@
 <p>
 
 <li><a name="007_rtsock"></a>
-<font color="#009000"><strong>007: RELIABILITY FIX: January 13, 2011</strong></font> &nbsp; <i>All architectures</i><br>
+<font color="#009000"><strong>007: RELIABILITY FIX: January 13, 2011</strong></font>
+&nbsp; <i>All architectures</i><br>
 sp_protocol in RTM_DELETE messages could contain garbage values
 leading to routing socket users that restrict the AF (such as ospfd)
 not seeing any of the RTM_DELETE messages.
@@ -126,7 +130,8 @@
 <p>
 
 <li><a name="006_cbc"></a>
-<font color="#009000"><strong>006: RELIABILITY FIX: December 17, 2010</strong></font> &nbsp; <i>All architectures</i><br>
+<font color="#009000"><strong>006: RELIABILITY FIX: December 17, 2010</strong></font>
+&nbsp; <i>All architectures</i><br>
 Bring CBC oracle attack countermeasures to hardware crypto accelerator land.
 This fixes aes-ni, via xcrypt and various drivers
 (<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=glxsb&arch=i386&sektion=4">glxsb(4)</a>,
@@ -140,7 +145,8 @@
 <p>
 
 <li><a name="005_pf"></a>
-<font color="#009000"><strong>005: SECURITY FIX: December 17, 2010</strong></font> &nbsp; <i>All architectures</i><br>
+<font color="#009000"><strong>005: SECURITY FIX: December 17, 2010</strong></font>
+&nbsp; <i>All architectures</i><br>
 Insufficent initialization of the pf rule structure in the ioctl
 handler may allow userland to modify kernel memory. By default root
 privileges are needed to add or modify pf rules.
@@ -150,7 +156,8 @@
 <p>
 
 <li><a name="004_openssl"></a>
-<font color="#009000"><strong>004: RELIABILITY FIX: November 17, 2010</strong></font> &nbsp; <i>All architectures</i><br>
+<font color="#009000"><strong>004: RELIABILITY FIX: November 17, 2010</strong></font>
+&nbsp; <i>All architectures</i><br>
 Fix a flaw in the OpenSSL TLS server extension code parsing which could lead to
 a buffer overflow. This affects OpenSSL based TLS servers which are multi-threaded
 and use OpenSSL's internal caching mechanism. Servers that are multi-process
@@ -161,7 +168,8 @@
 <p>
 
 <li><a name="003_vr"></a>
-<font color="#009000"><strong>003: RELIABILITY FIX: November 16, 2010</strong></font> &nbsp; <i>All architectures</i><br>
+<font color="#009000"><strong>003: RELIABILITY FIX: November 16, 2010</strong></font>
+&nbsp; <i>All architectures</i><br>
 The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=vr&sektion=4">vr(4)</a>
 driver may hand over stale ring descriptors to the hardware if the compiler decides
 to re-order stores or if the hardware does store-reordering.
@@ -171,7 +179,8 @@
 <p>
 
 <li><a name="002_pci"></a>
-<font color="#009000"><strong>002: RELIABILITY FIX: November 16, 2010</strong></font> &nbsp; <i>All architectures</i><br>
+<font color="#009000"><strong>002: RELIABILITY FIX: November 16, 2010</strong></font>
+&nbsp; <i>All architectures</i><br>
 Certain PCI based hardware may improperly announce their Base Address
 Registers as prefetchable even though they are not. This may cause
 unpredictable effects due to wrongly mapped memory.
@@ -181,7 +190,8 @@
 <p>
 
 <li><a name="001_bgpd"></a>
-<font color="#009000"><strong>001: RELIABILITY FIX: November 16, 2010</strong></font> &nbsp; <i>All architectures</i><br>
+<font color="#009000"><strong>001: RELIABILITY FIX: November 16, 2010</strong></font>
+&nbsp; <i>All architectures</i><br>
 Uninitialized memory may force the RDE into route-collector mode on startup and
 may prevent bgpd from updating or announcing any routes.
 <br>