===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata53.html,v
retrieving revision 1.47
retrieving revision 1.48
diff -c -r1.47 -r1.48
*** www/errata53.html 2017/03/28 04:04:52 1.47
--- www/errata53.html 2017/03/28 06:41:18 1.48
***************
*** 82,88 ****
! -
001: RELIABILITY FIX: March 15, 2013
All architectures
A rare condition during session startup may cause bgpd to replace
--- 82,88 ----
! -
001: RELIABILITY FIX: March 15, 2013
All architectures
A rare condition during session startup may cause bgpd to replace
***************
*** 94,103 ****
A source code patch exists which remedies this problem.
!
-
002: RELIABILITY FIX: May 5, 2013
All architectures
! A flaw exists in the vr(4) driver that may cause it to not recover from some error conditions.
--- 94,103 ----
A source code patch exists which remedies this problem.
!
-
002: RELIABILITY FIX: May 5, 2013
All architectures
! A flaw exists in the vr(4) driver that may cause it to not recover from some error conditions.
***************
*** 105,115 ****
A source code patch exists which remedies this problem.
!
-
003: RELIABILITY FIX: May 17, 2013
All architectures
A problem exists in
! nginx(8)
if proxy_pass is used with untrusted HTTP backend servers.
The problem may lead to a denial of service or a disclosure of a
worker process memory on a specially crafted response from an
--- 105,115 ----
A source code patch exists which remedies this problem.
!
-
003: RELIABILITY FIX: May 17, 2013
All architectures
A problem exists in
! nginx(8)
if proxy_pass is used with untrusted HTTP backend servers.
The problem may lead to a denial of service or a disclosure of a
worker process memory on a specially crafted response from an
***************
*** 120,126 ****
A source code patch exists which remedies this problem.
!
-
004: RELIABILITY FIX: May 17, 2013
All architectures
As discovered by Peter Philipp, it is possible for an unprivileged user
--- 120,126 ----
A source code patch exists which remedies this problem.
!
-
004: RELIABILITY FIX: May 17, 2013
All architectures
As discovered by Peter Philipp, it is possible for an unprivileged user
***************
*** 132,138 ****
A source code patch exists which remedies this problem.
!
-
005: RELIABILITY FIX: May 31, 2013
All architectures
A local denial of service is possible by an unprivileged user if the
--- 132,138 ----
A source code patch exists which remedies this problem.
!
-
005: RELIABILITY FIX: May 31, 2013
All architectures
A local denial of service is possible by an unprivileged user if the
***************
*** 143,149 ****
A source code patch exists which remedies this problem.
!
-
006: RELIABILITY FIX: June 12, 2013
All architectures
A denial of services was discovered where certain combinations of
--- 143,149 ----
A source code patch exists which remedies this problem.
!
-
006: RELIABILITY FIX: June 12, 2013
All architectures
A denial of services was discovered where certain combinations of
***************
*** 154,174 ****
A source code patch exists which remedies this problem.
!
-
007: RELIABILITY FIX: June 12, 2013
All architectures
! Two flaws in the vio(4)
driver may cause a kernel panic, and may cause IPv6 neighbour discovery to fail
due to multicast receive problems.
A source code patch exists which remedies this problem.
!
-
008: RELIABILITY FIX: Nov 7, 2013
All architectures
A crash can happen on
! pflow(4)
interface destruction.
--- 154,174 ----
A source code patch exists which remedies this problem.
!
-
007: RELIABILITY FIX: June 12, 2013
All architectures
! Two flaws in the vio(4)
driver may cause a kernel panic, and may cause IPv6 neighbour discovery to fail
due to multicast receive problems.
A source code patch exists which remedies this problem.
!
-
008: RELIABILITY FIX: Nov 7, 2013
All architectures
A crash can happen on
! pflow(4)
interface destruction.
***************
*** 176,182 ****
A source code patch exists which remedies this problem.
!
-
009: SECURITY FIX: Nov 7, 2013
All architectures
A memory corruption vulnerability exists in the post-authentication sshd process
--- 176,182 ----
A source code patch exists which remedies this problem.
!
-
009: SECURITY FIX: Nov 7, 2013
All architectures
A memory corruption vulnerability exists in the post-authentication sshd process
***************
*** 191,197 ****
!
-
010: RELIABILITY FIX: Nov 11, 2013
All architectures
An unprivileged user may hang the system.
--- 191,197 ----
!
-
010: RELIABILITY FIX: Nov 11, 2013
All architectures
An unprivileged user may hang the system.
***************
*** 201,211 ****
A source code patch exists which remedies this problem.
!
-
011: SECURITY FIX: Nov 21, 2013
All architectures
A problem exists in
! nginx(8)
which might allow an attacker to bypass security restrictions in certain
configurations by using a specially crafted request.
This issue was assigned CVE-2013-4547.
--- 201,211 ----
A source code patch exists which remedies this problem.
!
-
011: SECURITY FIX: Nov 21, 2013
All architectures
A problem exists in
! nginx(8)
which might allow an attacker to bypass security restrictions in certain
configurations by using a specially crafted request.
This issue was assigned CVE-2013-4547.
***************
*** 214,220 ****
A source code patch exists which remedies this problem.
!
-
012: RELIABILITY FIX: Dec 19, 2013
Strict alignment architectures
In OpenSSL, use of the SHA384 SSL/TLS ciphers may result in a crash of
--- 214,220 ----
A source code patch exists which remedies this problem.
!
-
012: RELIABILITY FIX: Dec 19, 2013
Strict alignment architectures
In OpenSSL, use of the SHA384 SSL/TLS ciphers may result in a crash of
***************
*** 225,231 ****
A source code patch exists which remedies this problem.
!
-
013: SECURITY FIX: Jan 10, 2014
All architectures
A BDF font file containing a longer than expected string could overflow
--- 225,231 ----
A source code patch exists which remedies this problem.
!
-
013: SECURITY FIX: Jan 10, 2014
All architectures
A BDF font file containing a longer than expected string could overflow
***************
*** 236,242 ****
A source code patch exists which remedies this problem.
!
-
014: SECURITY FIX: April 8, 2014
All architectures
Missing bounds checking in OpenSSL's implementation of the TLS/DTLS
--- 236,242 ----
A source code patch exists which remedies this problem.
!
-
014: SECURITY FIX: April 8, 2014
All architectures
Missing bounds checking in OpenSSL's implementation of the TLS/DTLS
***************
*** 246,252 ****
A source code patch exists which remedies this problem.
!
-
015: SECURITY FIX: April 12, 2014
All architectures
A use-after-free race condition in OpenSSL's read buffer may permit an attacker
--- 246,252 ----
A source code patch exists which remedies this problem.
!
-
015: SECURITY FIX: April 12, 2014
All architectures
A use-after-free race condition in OpenSSL's read buffer may permit an attacker