===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata54.html,v
retrieving revision 1.16
retrieving revision 1.17
diff -c -r1.16 -r1.17
*** www/errata54.html 2014/03/31 03:12:47 1.16
--- www/errata54.html 2014/03/31 16:02:48 1.17
***************
*** 77,83 ****
-
! 001: RELIABILITY FIX: Nov 7, 2013 All architectures
A crash can happen on pflow(4) interface destruction.
--- 77,84 ----
-
! 001: RELIABILITY FIX: Nov 7, 2013
! All architectures
A crash can happen on pflow(4) interface destruction.
***************
*** 86,92 ****
-
! 002: SECURITY FIX: Nov 7, 2013 All architectures
A memory corruption vulnerability exists in the post-authentication sshd process
when an AES-GCM cipher (aes128-gcm@openssh.com or aes256-gcm@openssh.com) is
selected during kex exchange.
--- 87,94 ----
-
! 002: SECURITY FIX: Nov 7, 2013
! All architectures
A memory corruption vulnerability exists in the post-authentication sshd process
when an AES-GCM cipher (aes128-gcm@openssh.com or aes256-gcm@openssh.com) is
selected during kex exchange.
***************
*** 99,105 ****
-
! 003: RELIABILITY FIX: Nov 11, 2013 All architectures
An unprivileged user may hang the system.
--- 101,108 ----
-
! 003: RELIABILITY FIX: Nov 11, 2013
! All architectures
An unprivileged user may hang the system.
***************
*** 108,114 ****
-
! 004: SECURITY FIX: Nov 21, 2013 All architectures
A problem exists in
nginx(8)
which might allow an attacker to bypass security restrictions in certain
--- 111,118 ----
-
! 004: SECURITY FIX: Nov 21, 2013
! All architectures
A problem exists in
nginx(8)
which might allow an attacker to bypass security restrictions in certain
***************
*** 120,126 ****
-
! 005: RELIABILITY FIX: Dec 19, 2013 Strict alignment architectures
In OpenSSL, use of the SHA384 SSL/TLS ciphers may result in a crash of
the application. The i386, amd64, vax and m68k platforms aren't
affected.
--- 124,131 ----
-
! 005: RELIABILITY FIX: Dec 19, 2013
! Strict alignment architectures
In OpenSSL, use of the SHA384 SSL/TLS ciphers may result in a crash of
the application. The i386, amd64, vax and m68k platforms aren't
affected.
***************
*** 130,136 ****
-
! 006: SECURITY FIX: Jan 10, 2014 All architectures
A BDF font file containing a longer than expected string could overflow
a buffer on the stack in the X server.
This issue was assigned CVE-2013-6462.
--- 135,142 ----
-
! 006: SECURITY FIX: Jan 10, 2014
! All architectures
A BDF font file containing a longer than expected string could overflow
a buffer on the stack in the X server.
This issue was assigned CVE-2013-6462.