=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/errata54.html,v retrieving revision 1.36 retrieving revision 1.37 diff -c -r1.36 -r1.37 *** www/errata54.html 2014/10/19 21:08:19 1.36 --- www/errata54.html 2015/02/14 04:36:51 1.37 *************** *** 81,87 ****

001: RELIABILITY FIX: Nov 7, 2013 All architectures
A crash can happen on --- 81,87 ----
- 001: RELIABILITY FIX: Nov 7, 2013 All architectures
  A crash can happen on *************** *** 93,99 **** A source code patch exists which remedies this problem.
  !
- 002: SECURITY FIX: Nov 7, 2013 All architectures
  A memory corruption vulnerability exists in the post-authentication sshd process --- 93,99 ---- A source code patch exists which remedies this problem.
  !
- 002: SECURITY FIX: Nov 7, 2013 All architectures
  A memory corruption vulnerability exists in the post-authentication sshd process *************** *** 107,113 **** A source code patch exists which remedies this problem.
  !
- 003: RELIABILITY FIX: Nov 11, 2013 All architectures
  An unprivileged user may hang the system. --- 107,113 ---- A source code patch exists which remedies this problem.
  !
- 003: RELIABILITY FIX: Nov 11, 2013 All architectures
  An unprivileged user may hang the system. *************** *** 117,123 **** A source code patch exists which remedies this problem.
  !
- 004: SECURITY FIX: Nov 21, 2013 All architectures
  A problem exists in --- 117,123 ---- A source code patch exists which remedies this problem.
  !
- 004: SECURITY FIX: Nov 21, 2013 All architectures
  A problem exists in *************** *** 130,136 **** A source code patch exists which remedies this problem.
  !
- 005: RELIABILITY FIX: Dec 19, 2013 Strict alignment architectures
  In OpenSSL, use of the SHA384 SSL/TLS ciphers may result in a crash of --- 130,136 ---- A source code patch exists which remedies this problem.
  !
- 005: RELIABILITY FIX: Dec 19, 2013 Strict alignment architectures
  In OpenSSL, use of the SHA384 SSL/TLS ciphers may result in a crash of *************** *** 141,147 **** A source code patch exists which remedies this problem.
  !
- 006: SECURITY FIX: Jan 10, 2014 All architectures
  A BDF font file containing a longer than expected string could overflow --- 141,147 ---- A source code patch exists which remedies this problem.
  !
- 006: SECURITY FIX: Jan 10, 2014 All architectures
  A BDF font file containing a longer than expected string could overflow *************** *** 152,158 **** A source code patch exists which remedies this problem.
  !
- 007: SECURITY FIX: April 8, 2014 All architectures
  Missing bounds checking in OpenSSL's implementation of the TLS/DTLS --- 152,158 ---- A source code patch exists which remedies this problem.
  !
- 007: SECURITY FIX: April 8, 2014 All architectures
  Missing bounds checking in OpenSSL's implementation of the TLS/DTLS *************** *** 162,168 **** A source code patch exists which remedies this problem.
  !
- 008: SECURITY FIX: April 12, 2014 All architectures
  A use-after-free race condition in OpenSSL's read buffer may permit an attacker --- 162,168 ---- A source code patch exists which remedies this problem.
  !
- 008: SECURITY FIX: April 12, 2014 All architectures
  A use-after-free race condition in OpenSSL's read buffer may permit an attacker *************** *** 172,178 **** A source code patch exists which remedies this problem.
  !
- 009: RELIABILITY FIX: May 1, 2014 All architectures
  An attacker can trigger generation of an SSL alert which could cause --- 172,178 ---- A source code patch exists which remedies this problem.
  !
- 009: RELIABILITY FIX: May 1, 2014 All architectures
  An attacker can trigger generation of an SSL alert which could cause *************** *** 182,188 **** A source code patch exists which remedies this problem.
  !
- 010: SECURITY FIX: May 24, 2014 All architectures with X server
  X Font Service Protocol & Font metadata file handling issues in libXfont --- 182,188 ---- A source code patch exists which remedies this problem.
  !
- 010: SECURITY FIX: May 24, 2014 All architectures with X server
  X Font Service Protocol & Font metadata file handling issues in libXfont *************** *** 197,203 **** A source code patch exists which remedies this problem.
  !
- 011: SECURITY FIX: June 5, 2014 All architectures
  Sendmail was not properly closing file descriptions before executing programs. --- 197,203 ---- A source code patch exists which remedies this problem.
  !
- 011: SECURITY FIX: June 5, 2014 All architectures
  Sendmail was not properly closing file descriptions before executing programs. *************** *** 208,214 **** A source code patch exists which remedies this problem.
  !
- 012: SECURITY FIX: June 6, 2014 All architectures
  This patch contains a number of SSL library fixes. --- 208,214 ---- A source code patch exists which remedies this problem.
  !
- 012: SECURITY FIX: June 6, 2014 All architectures
  This patch contains a number of SSL library fixes. *************** *** 217,223 **** A source code patch exists which remedies this problem.
  !
- 013: RELIABILITY FIX: July 30, 2014 All architectures
  Packets with illegal DHCP options can lead to memory exhaustion of --- 217,223 ---- A source code patch exists which remedies this problem.
  !
- 013: RELIABILITY FIX: July 30, 2014 All architectures
  Packets with illegal DHCP options can lead to memory exhaustion of *************** *** 229,235 **** A source code patch exists which remedies this problem.
  !
- 014: SECURITY FIX: August 9, 2014 All architectures
  This patch contains a number of SSL library fixes. --- 229,235 ---- A source code patch exists which remedies this problem.
  !
- 014: SECURITY FIX: August 9, 2014 All architectures
  This patch contains a number of SSL library fixes. *************** *** 238,244 **** A source code patch exists which remedies this problem.
  !
- 015: SECURITY FIX: October 1, 2014 All architectures
  nginx can reuse cached SSL sessions in unrelated contexts, allowing virtual --- 238,244 ---- A source code patch exists which remedies this problem.
  !
- 015: SECURITY FIX: October 1, 2014 All architectures
  nginx can reuse cached SSL sessions in unrelated contexts, allowing virtual *************** *** 249,255 **** A source code patch exists which remedies this problem.
  !
- 016: RELIABILITY FIX: October 20, 2014 All architectures
  Two remotely triggerable memory leaks in OpenSSL can lead to a denial of --- 249,255 ---- A source code patch exists which remedies this problem.
  !
- 016: RELIABILITY FIX: October 20, 2014 All architectures
  Two remotely triggerable memory leaks in OpenSSL can lead to a denial of *************** *** 259,265 **** A source code patch exists which remedies this problem.
  !
- 017: RELIABILITY FIX: October 20, 2014 All architectures
  Executable headers with an unaligned address will trigger a kernel panic. --- 259,265 ---- A source code patch exists which remedies this problem.
  !
- 017: RELIABILITY FIX: October 20, 2014 All architectures
  Executable headers with an unaligned address will trigger a kernel panic.