===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata54.html,v
retrieving revision 1.16
retrieving revision 1.17
diff -u -r1.16 -r1.17
--- www/errata54.html 2014/03/31 03:12:47 1.16
+++ www/errata54.html 2014/03/31 16:02:48 1.17
@@ -77,7 +77,8 @@
-
-001: RELIABILITY FIX: Nov 7, 2013 All architectures
+001: RELIABILITY FIX: Nov 7, 2013
+ All architectures
A crash can happen on pflow(4) interface destruction.
@@ -86,7 +87,8 @@
-
-002: SECURITY FIX: Nov 7, 2013 All architectures
+002: SECURITY FIX: Nov 7, 2013
+ All architectures
A memory corruption vulnerability exists in the post-authentication sshd process
when an AES-GCM cipher (aes128-gcm@openssh.com or aes256-gcm@openssh.com) is
selected during kex exchange.
@@ -99,7 +101,8 @@
-
-003: RELIABILITY FIX: Nov 11, 2013 All architectures
+003: RELIABILITY FIX: Nov 11, 2013
+ All architectures
An unprivileged user may hang the system.
@@ -108,7 +111,8 @@
-
-004: SECURITY FIX: Nov 21, 2013 All architectures
+004: SECURITY FIX: Nov 21, 2013
+ All architectures
A problem exists in
nginx(8)
which might allow an attacker to bypass security restrictions in certain
@@ -120,7 +124,8 @@
-
-005: RELIABILITY FIX: Dec 19, 2013 Strict alignment architectures
+005: RELIABILITY FIX: Dec 19, 2013
+ Strict alignment architectures
In OpenSSL, use of the SHA384 SSL/TLS ciphers may result in a crash of
the application. The i386, amd64, vax and m68k platforms aren't
affected.
@@ -130,7 +135,8 @@
-
-006: SECURITY FIX: Jan 10, 2014 All architectures
+006: SECURITY FIX: Jan 10, 2014
+ All architectures
A BDF font file containing a longer than expected string could overflow
a buffer on the stack in the X server.
This issue was assigned CVE-2013-6462.