===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata53.html,v
retrieving revision 1.44
retrieving revision 1.45
diff -u -r1.44 -r1.45
--- www/errata53.html 2016/08/15 02:22:06 1.44
+++ www/errata53.html 2016/10/16 19:11:30 1.45
@@ -70,7 +70,7 @@
@@ -94,7 +94,7 @@
inspection (we do not know how to reproduce it, consider that a challenge).
-
+
A source code patch exists which remedies this problem.
@@ -105,7 +105,7 @@
>vr(4) driver that may cause it to not recover from some error conditions.
-
+
A source code patch exists which remedies this problem.
@@ -120,7 +120,7 @@
upstream proxied server.
This issue was assigned CVE-2013-2070.
-
+
A source code patch exists which remedies this problem.
@@ -132,7 +132,7 @@
a kernel panic.
-
+
A source code patch exists which remedies this problem.
@@ -143,7 +143,7 @@
SIOCSIFADDR ioctl is performed upon an AF_INET6 socket with a specially
crafted parameter.
-
+
A source code patch exists which remedies this problem.
@@ -154,7 +154,7 @@
TFTP options could cause OACK generation to fail, which in turn
caused a double free in tftpd.
-
+
A source code patch exists which remedies this problem.
@@ -164,7 +164,7 @@
Two flaws in the vio(4)
driver may cause a kernel panic, and may cause IPv6 neighbour discovery to fail
due to multicast receive problems.
-
+
A source code patch exists which remedies this problem.
@@ -176,7 +176,7 @@
interface destruction.
-
+
A source code patch exists which remedies this problem.
@@ -186,11 +186,11 @@
A memory corruption vulnerability exists in the post-authentication sshd process
when an AES-GCM cipher (aes128-gcm@openssh.com or aes256-gcm@openssh.com) is
selected during kex exchange.
-Review the gcmrekey advisory
+Review the gcmrekey advisory
for a mitigation.
-
+
A source code patch exists which remedies this problem.
@@ -201,7 +201,7 @@
An unprivileged user may hang the system.
-
+
A source code patch exists which remedies this problem.
@@ -214,7 +214,7 @@
configurations by using a specially crafted request.
This issue was assigned CVE-2013-4547.
-
+
A source code patch exists which remedies this problem.
@@ -225,7 +225,7 @@
the application. The i386, amd64, vax and m68k platforms aren't
affected.
-
+
A source code patch exists which remedies this problem.
@@ -236,7 +236,7 @@
a buffer on the stack in the X server.
This issue was assigned CVE-2013-6462.
-
+
A source code patch exists which remedies this problem.
@@ -246,7 +246,7 @@
Missing bounds checking in OpenSSL's implementation of the TLS/DTLS
heartbeat extension (RFC6520) which can result in a leak of memory contents.
-
+
A source code patch exists which remedies this problem.
@@ -256,7 +256,7 @@
A use-after-free race condition in OpenSSL's read buffer may permit an attacker
to inject data from one connection into another.
-
+
A source code patch exists which remedies this problem.