===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata54.html,v
retrieving revision 1.16
retrieving revision 1.17
diff -c -r1.16 -r1.17
*** www/errata54.html	2014/03/31 03:12:47	1.16
--- www/errata54.html	2014/03/31 16:02:48	1.17
***************
*** 77,83 ****
  
  <ul>
  <li><a name="001_pflow"></a>
! <font color="#009000"><strong>001: RELIABILITY FIX: Nov 7, 2013</strong></font> &nbsp; <i>All architectures</i><br>
  A crash can happen on pflow(4) interface destruction.
  
  <br>
--- 77,84 ----
  
  <ul>
  <li><a name="001_pflow"></a>
! <font color="#009000"><strong>001: RELIABILITY FIX: Nov 7, 2013</strong></font>
! &nbsp; <i>All architectures</i><br>
  A crash can happen on pflow(4) interface destruction.
  
  <br>
***************
*** 86,92 ****
  <p>
  
  <li><a name="002_sshgcm"></a>
! <font color="#009000"><strong>002: SECURITY FIX: Nov 7, 2013</strong></font> &nbsp; <i>All architectures</i><br>
  A memory corruption vulnerability exists in the post-authentication sshd process
  when an AES-GCM cipher (aes128-gcm@openssh.com or aes256-gcm@openssh.com) is
  selected during kex exchange.
--- 87,94 ----
  <p>
  
  <li><a name="002_sshgcm"></a>
! <font color="#009000"><strong>002: SECURITY FIX: Nov 7, 2013</strong></font>
! &nbsp; <i>All architectures</i><br>
  A memory corruption vulnerability exists in the post-authentication sshd process
  when an AES-GCM cipher (aes128-gcm@openssh.com or aes256-gcm@openssh.com) is
  selected during kex exchange.
***************
*** 99,105 ****
  <p>
  
  <li><a name="003_vnode"></a>
! <font color="#009000"><strong>003: RELIABILITY FIX: Nov 11, 2013</strong></font> &nbsp; <i>All architectures</i><br>
  An unprivileged user may hang the system.
  
  <br>
--- 101,108 ----
  <p>
  
  <li><a name="003_vnode"></a>
! <font color="#009000"><strong>003: RELIABILITY FIX: Nov 11, 2013</strong></font>
! &nbsp; <i>All architectures</i><br>
  An unprivileged user may hang the system.
  
  <br>
***************
*** 108,114 ****
  <p>
  
  <li><a name="004_nginx"></a>
! <font color="#009000"><strong>004: SECURITY FIX: Nov 21, 2013</strong></font> &nbsp; <i>All architectures</i><br>
  A problem exists in
  <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=nginx&sektion=8">nginx(8)</a>
  which might allow an attacker to bypass security restrictions in certain
--- 111,118 ----
  <p>
  
  <li><a name="004_nginx"></a>
! <font color="#009000"><strong>004: SECURITY FIX: Nov 21, 2013</strong></font>
! &nbsp; <i>All architectures</i><br>
  A problem exists in
  <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=nginx&sektion=8">nginx(8)</a>
  which might allow an attacker to bypass security restrictions in certain
***************
*** 120,126 ****
  <p>
  
  <li><a name="005_sha512"></a>
! <font color="#009000"><strong>005: RELIABILITY FIX: Dec 19, 2013</strong></font> &nbsp; <i>Strict alignment architectures</i><br>
  In OpenSSL, use of the SHA384 SSL/TLS ciphers may result in a crash of
  the application.  The i386, amd64, vax and m68k platforms aren't
  affected.
--- 124,131 ----
  <p>
  
  <li><a name="005_sha512"></a>
! <font color="#009000"><strong>005: RELIABILITY FIX: Dec 19, 2013</strong></font>
! &nbsp; <i>Strict alignment architectures</i><br>
  In OpenSSL, use of the SHA384 SSL/TLS ciphers may result in a crash of
  the application.  The i386, amd64, vax and m68k platforms aren't
  affected.
***************
*** 130,136 ****
  <p>
  
  <li><a name="006_libXfont"></a>
! <font color="#009000"><strong>006: SECURITY FIX: Jan 10, 2014</strong></font> &nbsp; <i>All architectures</i><br>
  A BDF font file containing a longer than expected string could overflow
  a buffer on the stack in the X server.
  This issue was assigned CVE-2013-6462.
--- 135,142 ----
  <p>
  
  <li><a name="006_libXfont"></a>
! <font color="#009000"><strong>006: SECURITY FIX: Jan 10, 2014</strong></font>
! &nbsp; <i>All architectures</i><br>
  A BDF font file containing a longer than expected string could overflow
  a buffer on the stack in the X server.
  This issue was assigned CVE-2013-6462.