===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata53.html,v
retrieving revision 1.47
retrieving revision 1.48
diff -u -r1.47 -r1.48
--- www/errata53.html 2017/03/28 04:04:52 1.47
+++ www/errata53.html 2017/03/28 06:41:18 1.48
@@ -82,7 +82,7 @@
--
+
-
001: RELIABILITY FIX: March 15, 2013
All architectures
A rare condition during session startup may cause bgpd to replace
@@ -94,10 +94,10 @@
A source code patch exists which remedies this problem.
-
-
+
-
002: RELIABILITY FIX: May 5, 2013
All architectures
-A flaw exists in the vr(4) driver that may cause it to not recover from some error conditions.
@@ -105,11 +105,11 @@
A source code patch exists which remedies this problem.
-
-
+
-
003: RELIABILITY FIX: May 17, 2013
All architectures
A problem exists in
-nginx(8)
+nginx(8)
if proxy_pass is used with untrusted HTTP backend servers.
The problem may lead to a denial of service or a disclosure of a
worker process memory on a specially crafted response from an
@@ -120,7 +120,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
004: RELIABILITY FIX: May 17, 2013
All architectures
As discovered by Peter Philipp, it is possible for an unprivileged user
@@ -132,7 +132,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
005: RELIABILITY FIX: May 31, 2013
All architectures
A local denial of service is possible by an unprivileged user if the
@@ -143,7 +143,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
006: RELIABILITY FIX: June 12, 2013
All architectures
A denial of services was discovered where certain combinations of
@@ -154,21 +154,21 @@
A source code patch exists which remedies this problem.
-
-
+
-
007: RELIABILITY FIX: June 12, 2013
All architectures
-Two flaws in the vio(4)
+Two flaws in the vio(4)
driver may cause a kernel panic, and may cause IPv6 neighbour discovery to fail
due to multicast receive problems.
A source code patch exists which remedies this problem.
-
-
+
-
008: RELIABILITY FIX: Nov 7, 2013
All architectures
A crash can happen on
-pflow(4)
+pflow(4)
interface destruction.
@@ -176,7 +176,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
009: SECURITY FIX: Nov 7, 2013
All architectures
A memory corruption vulnerability exists in the post-authentication sshd process
@@ -191,7 +191,7 @@
-
-
+
-
010: RELIABILITY FIX: Nov 11, 2013
All architectures
An unprivileged user may hang the system.
@@ -201,11 +201,11 @@
A source code patch exists which remedies this problem.
-
-
+
-
011: SECURITY FIX: Nov 21, 2013
All architectures
A problem exists in
-nginx(8)
+nginx(8)
which might allow an attacker to bypass security restrictions in certain
configurations by using a specially crafted request.
This issue was assigned CVE-2013-4547.
@@ -214,7 +214,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
012: RELIABILITY FIX: Dec 19, 2013
Strict alignment architectures
In OpenSSL, use of the SHA384 SSL/TLS ciphers may result in a crash of
@@ -225,7 +225,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
013: SECURITY FIX: Jan 10, 2014
All architectures
A BDF font file containing a longer than expected string could overflow
@@ -236,7 +236,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
014: SECURITY FIX: April 8, 2014
All architectures
Missing bounds checking in OpenSSL's implementation of the TLS/DTLS
@@ -246,7 +246,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
015: SECURITY FIX: April 12, 2014
All architectures
A use-after-free race condition in OpenSSL's read buffer may permit an attacker