===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata54.html,v
retrieving revision 1.36
retrieving revision 1.37
diff -c -r1.36 -r1.37
*** www/errata54.html 2014/10/19 21:08:19 1.36
--- www/errata54.html 2015/02/14 04:36:51 1.37
***************
*** 81,87 ****
! -
001: RELIABILITY FIX: Nov 7, 2013
All architectures
A crash can happen on
--- 81,87 ----
! -
001: RELIABILITY FIX: Nov 7, 2013
All architectures
A crash can happen on
***************
*** 93,99 ****
A source code patch exists which remedies this problem.
!
-
002: SECURITY FIX: Nov 7, 2013
All architectures
A memory corruption vulnerability exists in the post-authentication sshd process
--- 93,99 ----
A source code patch exists which remedies this problem.
!
-
002: SECURITY FIX: Nov 7, 2013
All architectures
A memory corruption vulnerability exists in the post-authentication sshd process
***************
*** 107,113 ****
A source code patch exists which remedies this problem.
!
-
003: RELIABILITY FIX: Nov 11, 2013
All architectures
An unprivileged user may hang the system.
--- 107,113 ----
A source code patch exists which remedies this problem.
!
-
003: RELIABILITY FIX: Nov 11, 2013
All architectures
An unprivileged user may hang the system.
***************
*** 117,123 ****
A source code patch exists which remedies this problem.
!
-
004: SECURITY FIX: Nov 21, 2013
All architectures
A problem exists in
--- 117,123 ----
A source code patch exists which remedies this problem.
!
-
004: SECURITY FIX: Nov 21, 2013
All architectures
A problem exists in
***************
*** 130,136 ****
A source code patch exists which remedies this problem.
!
-
005: RELIABILITY FIX: Dec 19, 2013
Strict alignment architectures
In OpenSSL, use of the SHA384 SSL/TLS ciphers may result in a crash of
--- 130,136 ----
A source code patch exists which remedies this problem.
!
-
005: RELIABILITY FIX: Dec 19, 2013
Strict alignment architectures
In OpenSSL, use of the SHA384 SSL/TLS ciphers may result in a crash of
***************
*** 141,147 ****
A source code patch exists which remedies this problem.
!
-
006: SECURITY FIX: Jan 10, 2014
All architectures
A BDF font file containing a longer than expected string could overflow
--- 141,147 ----
A source code patch exists which remedies this problem.
!
-
006: SECURITY FIX: Jan 10, 2014
All architectures
A BDF font file containing a longer than expected string could overflow
***************
*** 152,158 ****
A source code patch exists which remedies this problem.
!
-
007: SECURITY FIX: April 8, 2014
All architectures
Missing bounds checking in OpenSSL's implementation of the TLS/DTLS
--- 152,158 ----
A source code patch exists which remedies this problem.
!
-
007: SECURITY FIX: April 8, 2014
All architectures
Missing bounds checking in OpenSSL's implementation of the TLS/DTLS
***************
*** 162,168 ****
A source code patch exists which remedies this problem.
!
-
008: SECURITY FIX: April 12, 2014
All architectures
A use-after-free race condition in OpenSSL's read buffer may permit an attacker
--- 162,168 ----
A source code patch exists which remedies this problem.
!
-
008: SECURITY FIX: April 12, 2014
All architectures
A use-after-free race condition in OpenSSL's read buffer may permit an attacker
***************
*** 172,178 ****
A source code patch exists which remedies this problem.
!
-
009: RELIABILITY FIX: May 1, 2014
All architectures
An attacker can trigger generation of an SSL alert which could cause
--- 172,178 ----
A source code patch exists which remedies this problem.
!
-
009: RELIABILITY FIX: May 1, 2014
All architectures
An attacker can trigger generation of an SSL alert which could cause
***************
*** 182,188 ****
A source code patch exists which remedies this problem.
!
-
010: SECURITY FIX: May 24, 2014
All architectures with X server
X Font Service Protocol & Font metadata file handling issues in libXfont
--- 182,188 ----
A source code patch exists which remedies this problem.
!
-
010: SECURITY FIX: May 24, 2014
All architectures with X server
X Font Service Protocol & Font metadata file handling issues in libXfont
***************
*** 197,203 ****
A source code patch exists which remedies this problem.
!
-
011: SECURITY FIX: June 5, 2014
All architectures
Sendmail was not properly closing file descriptions before executing programs.
--- 197,203 ----
A source code patch exists which remedies this problem.
!
-
011: SECURITY FIX: June 5, 2014
All architectures
Sendmail was not properly closing file descriptions before executing programs.
***************
*** 208,214 ****
A source code patch exists which remedies this problem.
!
-
012: SECURITY FIX: June 6, 2014
All architectures
This patch contains a number of SSL library fixes.
--- 208,214 ----
A source code patch exists which remedies this problem.
!
-
012: SECURITY FIX: June 6, 2014
All architectures
This patch contains a number of SSL library fixes.
***************
*** 217,223 ****
A source code patch exists which remedies this problem.
!
-
013: RELIABILITY FIX: July 30, 2014
All architectures
Packets with illegal DHCP options can lead to memory exhaustion of
--- 217,223 ----
A source code patch exists which remedies this problem.
!
-
013: RELIABILITY FIX: July 30, 2014
All architectures
Packets with illegal DHCP options can lead to memory exhaustion of
***************
*** 229,235 ****
A source code patch exists which remedies this problem.
!
-
014: SECURITY FIX: August 9, 2014
All architectures
This patch contains a number of SSL library fixes.
--- 229,235 ----
A source code patch exists which remedies this problem.
!
-
014: SECURITY FIX: August 9, 2014
All architectures
This patch contains a number of SSL library fixes.
***************
*** 238,244 ****
A source code patch exists which remedies this problem.
!
-
015: SECURITY FIX: October 1, 2014
All architectures
nginx can reuse cached SSL sessions in unrelated contexts, allowing virtual
--- 238,244 ----
A source code patch exists which remedies this problem.
!
-
015: SECURITY FIX: October 1, 2014
All architectures
nginx can reuse cached SSL sessions in unrelated contexts, allowing virtual
***************
*** 249,255 ****
A source code patch exists which remedies this problem.
!
-
016: RELIABILITY FIX: October 20, 2014
All architectures
Two remotely triggerable memory leaks in OpenSSL can lead to a denial of
--- 249,255 ----
A source code patch exists which remedies this problem.
!
-
016: RELIABILITY FIX: October 20, 2014
All architectures
Two remotely triggerable memory leaks in OpenSSL can lead to a denial of
***************
*** 259,265 ****
A source code patch exists which remedies this problem.
!
-
017: RELIABILITY FIX: October 20, 2014
All architectures
Executable headers with an unaligned address will trigger a kernel panic.
--- 259,265 ----
A source code patch exists which remedies this problem.
!
-
017: RELIABILITY FIX: October 20, 2014
All architectures
Executable headers with an unaligned address will trigger a kernel panic.