===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata48.html,v
retrieving revision 1.17
retrieving revision 1.18
diff -u -r1.17 -r1.18
--- www/errata48.html 2014/03/31 03:12:47 1.17
+++ www/errata48.html 2014/03/31 16:02:48 1.18
@@ -77,7 +77,8 @@
-
-010: RELIABILITY FIX: February 16, 2011 All architectures
+010: RELIABILITY FIX: February 16, 2011
+ All architectures
The sis(4)
driver may hand over stale ring descriptors to the hardware if the compiler decides
to re-order stores or if the hardware does store-reordering.
@@ -87,7 +88,8 @@
-
-009: SECURITY FIX: February 16, 2011 Little-endian
+009: SECURITY FIX: February 16, 2011
+ Little-endian
architectures
PF rules specifying address ranges (e.g. "10.1.1.1 - 10.1.1.5") were
not correctly handled on little-endian systems (alpha, amd64, arm, i386,
@@ -99,7 +101,8 @@
-
-008: SECURITY FIX: February 11, 2011 All architectures
+008: SECURITY FIX: February 11, 2011
+ All architectures
An incorrectly formatted ClientHello handshake message could cause
OpenSSL to parse past the end of the message. An attacker could use this flaw
to trigger an invalid memory access, causing a crash of an application linked
@@ -116,7 +119,8 @@
-
-007: RELIABILITY FIX: January 13, 2011 All architectures
+007: RELIABILITY FIX: January 13, 2011
+ All architectures
sp_protocol in RTM_DELETE messages could contain garbage values
leading to routing socket users that restrict the AF (such as ospfd)
not seeing any of the RTM_DELETE messages.
@@ -126,7 +130,8 @@
-
-006: RELIABILITY FIX: December 17, 2010 All architectures
+006: RELIABILITY FIX: December 17, 2010
+ All architectures
Bring CBC oracle attack countermeasures to hardware crypto accelerator land.
This fixes aes-ni, via xcrypt and various drivers
(glxsb(4),
@@ -140,7 +145,8 @@
-
-005: SECURITY FIX: December 17, 2010 All architectures
+005: SECURITY FIX: December 17, 2010
+ All architectures
Insufficent initialization of the pf rule structure in the ioctl
handler may allow userland to modify kernel memory. By default root
privileges are needed to add or modify pf rules.
@@ -150,7 +156,8 @@
-
-004: RELIABILITY FIX: November 17, 2010 All architectures
+004: RELIABILITY FIX: November 17, 2010
+ All architectures
Fix a flaw in the OpenSSL TLS server extension code parsing which could lead to
a buffer overflow. This affects OpenSSL based TLS servers which are multi-threaded
and use OpenSSL's internal caching mechanism. Servers that are multi-process
@@ -161,7 +168,8 @@
-
-003: RELIABILITY FIX: November 16, 2010 All architectures
+003: RELIABILITY FIX: November 16, 2010
+ All architectures
The vr(4)
driver may hand over stale ring descriptors to the hardware if the compiler decides
to re-order stores or if the hardware does store-reordering.
@@ -171,7 +179,8 @@
-
-002: RELIABILITY FIX: November 16, 2010 All architectures
+002: RELIABILITY FIX: November 16, 2010
+ All architectures
Certain PCI based hardware may improperly announce their Base Address
Registers as prefetchable even though they are not. This may cause
unpredictable effects due to wrongly mapped memory.
@@ -181,7 +190,8 @@
-
-001: RELIABILITY FIX: November 16, 2010 All architectures
+001: RELIABILITY FIX: November 16, 2010
+ All architectures
Uninitialized memory may force the RDE into route-collector mode on startup and
may prevent bgpd from updating or announcing any routes.