
Diff for /www/errata54.html between version 1.49 and 1.50

version 1.49, 2016/08/15 02:22:06 version 1.50, 2016/10/16 19:11:30
Line 70 
Line 70 
 <br>  <br>
 <hr>  <hr>
   
 <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.4.tar.gz">  <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.4.tar.gz">
 You can also fetch a tar.gz file containing all the following patches</a>.  You can also fetch a tar.gz file containing all the following patches</a>.
 This file is updated once a day.  This file is updated once a day.
 <p>  <p>
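Review bot: the 5.4.tar.gz link in this hunk now uses https, which protects the download in transit only; the lines shown give the reader no checksum or signature to check the tarball against once it is on disk. If a published digest or signature exists for this file, link it next to "You can also fetch a tar.gz file containing all the following patches" so the integrity check does not rest on the transport alone.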
Line 94 
Line 94 
 interface destruction.  interface destruction.
   
 <br>  <br>
 <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.4/common/001_pflow.patch">  <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.4/common/001_pflow.patch">
 A source code patch exists which remedies this problem.</a>  A source code patch exists which remedies this problem.</a>
 <p>  <p>
   
Line 104 
Line 104 
 A memory corruption vulnerability exists in the post-authentication sshd process  A memory corruption vulnerability exists in the post-authentication sshd process
 when an AES-GCM cipher (aes128-gcm@openssh.com or aes256-gcm@openssh.com) is  when an AES-GCM cipher (aes128-gcm@openssh.com or aes256-gcm@openssh.com) is
 selected during kex exchange.  selected during kex exchange.
 Review the <a href="http://www.openssh.com/txt/gcmrekey.adv">gcmrekey advisory</a>  Review the <a href="https://www.openssh.com/txt/gcmrekey.adv">gcmrekey advisory</a>
 for a mitigation.  for a mitigation.
   
 <br>  <br>
 <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.4/common/002_sshgcm.patch">  <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.4/common/002_sshgcm.patch">
 A source code patch exists which remedies this problem.</a>  A source code patch exists which remedies this problem.</a>
 <p>  <p>
   
Line 118 
Line 118 
 An unprivileged user may hang the system.  An unprivileged user may hang the system.
   
 <br>  <br>
 <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.4/common/003_vnode.patch">  <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.4/common/003_vnode.patch">
 A source code patch exists which remedies this problem.</a>  A source code patch exists which remedies this problem.</a>
 <p>  <p>
   
Line 131 
Line 131 
 configurations by using a specially crafted request.  configurations by using a specially crafted request.
 This issue was assigned CVE-2013-4547.  This issue was assigned CVE-2013-4547.
 <br>  <br>
 <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.4/common/004_nginx.patch">  <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.4/common/004_nginx.patch">
 A source code patch exists which remedies this problem.</a>  A source code patch exists which remedies this problem.</a>
 <p>  <p>
   
Line 142 
Line 142 
 the application.  The i386, amd64, vax and m68k platforms aren't  the application.  The i386, amd64, vax and m68k platforms aren't
 affected.  affected.
 <br>  <br>
 <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.4/common/005_sha512.patch">  <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.4/common/005_sha512.patch">
 A source code patch exists which remedies this problem.</a>  A source code patch exists which remedies this problem.</a>
 <p>  <p>
   
Line 153 
Line 153 
 a buffer on the stack in the X server.  a buffer on the stack in the X server.
 This issue was assigned CVE-2013-6462.  This issue was assigned CVE-2013-6462.
 <br>  <br>
 <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.4/common/006_libXfont.patch">  <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.4/common/006_libXfont.patch">
 A source code patch exists which remedies this problem.</a>  A source code patch exists which remedies this problem.</a>
 <p>  <p>
   
Line 163 
Line 163 
 Missing bounds checking in OpenSSL's implementation of the TLS/DTLS  Missing bounds checking in OpenSSL's implementation of the TLS/DTLS
 heartbeat extension (RFC6520) which can result in a leak of memory contents.  heartbeat extension (RFC6520) which can result in a leak of memory contents.
 <br>  <br>
 <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.4/common/007_openssl.patch">  <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.4/common/007_openssl.patch">
 A source code patch exists which remedies this problem.</a>  A source code patch exists which remedies this problem.</a>
 <p>  <p>
   
Line 173 
Line 173 
 A use-after-free race condition in OpenSSL's read buffer may permit an attacker  A use-after-free race condition in OpenSSL's read buffer may permit an attacker
 to inject data from one connection into another.  to inject data from one connection into another.
 <br>  <br>
 <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.4/common/008_openssl.patch">  <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.4/common/008_openssl.patch">
 A source code patch exists which remedies this problem.</a>  A source code patch exists which remedies this problem.</a>
 <p>  <p>
   
Line 183 
Line 183 
 An attacker can trigger generation of an SSL alert which could cause  An attacker can trigger generation of an SSL alert which could cause
 a null pointer dereference.  a null pointer dereference.
 <br>  <br>
 <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.4/common/009_openssl.patch">  <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.4/common/009_openssl.patch">
 A source code patch exists which remedies this problem.</a>  A source code patch exists which remedies this problem.</a>
 <p>  <p>
   
Line 198 
Line 198 
 </ul>  </ul>
 Please see <a href="http://lists.x.org/archives/xorg-announce/2014-May/002431.html">the advisory</a> for more information.  Please see <a href="http://lists.x.org/archives/xorg-announce/2014-May/002431.html">the advisory</a> for more information.
 <br>  <br>
 <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.4/common/010_libXfont.patch">  <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.4/common/010_libXfont.patch">
 A source code patch exists which remedies this problem.</a>  A source code patch exists which remedies this problem.</a>
 <p>  <p>
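Review bot: the advisory link in this hunk, http://lists.x.org/archives/xorg-announce/2014-May/002431.html, is identical on both sides and stays on plain http while the 010_libXfont.patch link two lines below it moves to https. If lists.x.org serves that archive over HTTPS, convert it in the same commit; if it does not, say so in the commit message so the mixed schemes do not read as an oversight.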
   
Line 209 
Line 209 
 This could enable local users to interfere with an open SMTP connection.  This could enable local users to interfere with an open SMTP connection.
 This issue was assigned CVE-2014-3956.  This issue was assigned CVE-2014-3956.
 <br>  <br>
 <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.4/common/011_sendmail.patch">  <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.4/common/011_sendmail.patch">
 A source code patch exists which remedies this problem.</a>  A source code patch exists which remedies this problem.</a>
 <p>  <p>
   
Line 218 
Line 218 
 &nbsp; <i>All architectures</i><br>  &nbsp; <i>All architectures</i><br>
 This patch contains a number of SSL library fixes.  This patch contains a number of SSL library fixes.
 <br>  <br>
 <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.4/common/012_openssl.patch">  <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.4/common/012_openssl.patch">
 A source code patch exists which remedies this problem.</a>  A source code patch exists which remedies this problem.</a>
 <p>  <p>
   
Line 230 
Line 230 
 and  and
 <a href="http://man.openbsd.org/?query=dhcpd&amp;sektion=8">dhcpd(8)</a>.  <a href="http://man.openbsd.org/?query=dhcpd&amp;sektion=8">dhcpd(8)</a>.
 <br>  <br>
 <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.4/common/013_dhcp.patch">  <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.4/common/013_dhcp.patch">
 A source code patch exists which remedies this problem.</a>  A source code patch exists which remedies this problem.</a>
 <p>  <p>
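Review bot: the man.openbsd.org link for dhcpd(8) at the top of this hunk is left on http in version 1.50, although it is a project host like ftp.openbsd.org, whose 013_dhcp.patch link is converted two lines later. Switch the man page link to https here as well, or note why that host is excluded from this pass.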
   
Line 239 
Line 239 
 &nbsp; <i>All architectures</i><br>  &nbsp; <i>All architectures</i><br>
 This patch contains a number of SSL library fixes.  This patch contains a number of SSL library fixes.
 <br>  <br>
 <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.4/common/014_openssl.patch">  <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.4/common/014_openssl.patch">
 A source code patch exists which remedies this problem.</a>  A source code patch exists which remedies this problem.</a>
 <p>  <p>
   
Line 250 
Line 250 
 host confusion attacks in some configurations.  host confusion attacks in some configurations.
 This issue was assigned CVE-2014-3616.  This issue was assigned CVE-2014-3616.
 <br>  <br>
 <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.4/common/015_nginx.patch">  <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.4/common/015_nginx.patch">
 A source code patch exists which remedies this problem.</a>  A source code patch exists which remedies this problem.</a>
 <p>  <p>
   
Line 260 
Line 260 
 Two remotely triggerable memory leaks in OpenSSL can lead to a denial of  Two remotely triggerable memory leaks in OpenSSL can lead to a denial of
 service in server applications.  service in server applications.
 <br>  <br>
 <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.4/common/016_openssl.patch">  <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.4/common/016_openssl.patch">
 A source code patch exists which remedies this problem.</a>  A source code patch exists which remedies this problem.</a>
 <p>  <p>
   
Line 269 
Line 269 
 &nbsp; <i>All architectures</i><br>  &nbsp; <i>All architectures</i><br>
 Executable headers with an unaligned address will trigger a kernel panic.  Executable headers with an unaligned address will trigger a kernel panic.
 <br>  <br>
 <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.4/common/017_kernexec.patch">  <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.4/common/017_kernexec.patch">
 A source code patch exists which remedies this problem.</a>  A source code patch exists which remedies this problem.</a>
 <p>  <p>
   
