===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata53.html,v
retrieving revision 1.23
retrieving revision 1.24
diff -u -r1.23 -r1.24
--- www/errata53.html 2014/03/31 03:12:47 1.23
+++ www/errata53.html 2014/03/31 16:02:48 1.24
@@ -77,7 +77,8 @@
-
-001: RELIABILITY FIX: March 15, 2013 All architectures
+001: RELIABILITY FIX: March 15, 2013
+ All architectures
A rare condition during session startup may cause bgpd to replace
an active session leading to unknown consequences. Bug found by
inspection (we do not know how to reproduce it, consider that a challenge).
@@ -88,7 +89,8 @@
-
-002: RELIABILITY FIX: May 5, 2013 All architectures
+002: RELIABILITY FIX: May 5, 2013
+ All architectures
A flaw exists in the vr(4) driver that may cause it to not recover from some error conditions.
@@ -98,7 +100,8 @@
-
-003: RELIABILITY FIX: May 17, 2013 All architectures
+003: RELIABILITY FIX: May 17, 2013
+ All architectures
A problem exists in
nginx(8)
if proxy_pass is used with untrusted HTTP backend servers.
@@ -112,7 +115,8 @@
-
-004: RELIABILITY FIX: May 17, 2013 All architectures
+004: RELIABILITY FIX: May 17, 2013
+ All architectures
As discovered by Peter Philipp, it is possible for an unprivileged user
process to trigger deleting the undeletable RNF_ROOT route, resulting in
a kernel panic.
@@ -123,7 +127,8 @@
-
-005: RELIABILITY FIX: May 31, 2013 All architectures
+005: RELIABILITY FIX: May 31, 2013
+ All architectures
A local denial of service is possible by an unprivileged user if the
SIOCSIFADDR ioctl is performed upon an AF_INET6 socket with a specially
crafted parameter.
@@ -133,7 +138,8 @@
-
-006: RELIABILITY FIX: June 12, 2013 All architectures
+006: RELIABILITY FIX: June 12, 2013
+ All architectures
A denial of services was discovered where certain combinations of
TFTP options could cause OACK generation to fail, which in turn
caused a double free in tftpd.
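Review bot: The context line under 006 reads "A denial of services was discovered"; since this entry's heading is being rewritten anyway, correct it to "A denial of service was discovered" in the same commit.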
@@ -143,7 +149,8 @@
-
-007: RELIABILITY FIX: June 12, 2013 All architectures
+007: RELIABILITY FIX: June 12, 2013
+ All architectures
Two flaws in the vio(4)
driver may cause a kernel panic, and may cause IPv6 neighbour discovery to fail
due to multicast receive problems.
@@ -152,7 +159,8 @@
-
-008: RELIABILITY FIX: Nov 7, 2013 All architectures
+008: RELIABILITY FIX: Nov 7, 2013
+ All architectures
A crash can happen on pflow(4) interface destruction.
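Review bot: The added heading "008: RELIABILITY FIX: Nov 7, 2013" abbreviates the month, while the entries earlier in this diff spell it out ("March 15, 2013", "June 12, 2013"). These lines are being rewritten anyway, so consider spelling out the month here and in 009 through 013 to keep the date format consistent down the page.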
@@ -161,7 +169,8 @@
-
-009: SECURITY FIX: Nov 7, 2013 All architectures
+009: SECURITY FIX: Nov 7, 2013
+ All architectures
A memory corruption vulnerability exists in the post-authentication sshd process
when an AES-GCM cipher (aes128-gcm@openssh.com or aes256-gcm@openssh.com) is
selected during kex exchange.
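Review bot: In the unchanged text under 009, "selected during kex exchange" is redundant, since kex already stands for key exchange. While this entry is being touched, reword it to "selected during key exchange".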
@@ -175,7 +184,8 @@
-
-010: RELIABILITY FIX: Nov 11, 2013 All architectures
+010: RELIABILITY FIX: Nov 11, 2013
+ All architectures
An unprivileged user may hang the system.
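Review bot: The description under 010, "An unprivileged user may hang the system.", names no component, unlike the neighbouring entries, which name bgpd, vr(4), tftpd or sshd. Add the affected subsystem or interface to this entry so an administrator can judge exposure without opening the patch.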
@@ -184,7 +194,8 @@
-
-011: SECURITY FIX: Nov 21, 2013 All architectures
+011: SECURITY FIX: Nov 21, 2013
+ All architectures
A problem exists in
nginx(8)
which might allow an attacker to bypass security restrictions in certain
@@ -196,7 +207,8 @@
-
-012: RELIABILITY FIX: Dec 19, 2013 Strict alignment architectures
+012: RELIABILITY FIX: Dec 19, 2013
+ Strict alignment architectures
In OpenSSL, use of the SHA384 SSL/TLS ciphers may result in a crash of
the application. The i386, amd64, vax and m68k platforms aren't
affected.
@@ -206,7 +218,8 @@
-
-013: SECURITY FIX: Jan 10, 2014 All architectures
+013: SECURITY FIX: Jan 10, 2014
+ All architectures
A BDF font file containing a longer than expected string could overflow
a buffer on the stack in the X server.
This issue was assigned CVE-2013-6462.