===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata54.html,v
retrieving revision 1.49
retrieving revision 1.50
diff -u -r1.49 -r1.50
--- www/errata54.html 2016/08/15 02:22:06 1.49
+++ www/errata54.html 2016/10/16 19:11:30 1.50
@@ -70,7 +70,7 @@
@@ -94,7 +94,7 @@
interface destruction.
-
+
A source code patch exists which remedies this problem.
@@ -104,11 +104,11 @@
A memory corruption vulnerability exists in the post-authentication sshd process
when an AES-GCM cipher (aes128-gcm@openssh.com or aes256-gcm@openssh.com) is
selected during kex exchange.
-Review the gcmrekey advisory
+Review the gcmrekey advisory
for a mitigation.
-
+
A source code patch exists which remedies this problem.
@@ -118,7 +118,7 @@
An unprivileged user may hang the system.
-
+
A source code patch exists which remedies this problem.
@@ -131,7 +131,7 @@
configurations by using a specially crafted request.
This issue was assigned CVE-2013-4547.
-
+
A source code patch exists which remedies this problem.
@@ -142,7 +142,7 @@
the application. The i386, amd64, vax and m68k platforms aren't
affected.
-
+
A source code patch exists which remedies this problem.
@@ -153,7 +153,7 @@
a buffer on the stack in the X server.
This issue was assigned CVE-2013-6462.
-
+
A source code patch exists which remedies this problem.
@@ -163,7 +163,7 @@
Missing bounds checking in OpenSSL's implementation of the TLS/DTLS
heartbeat extension (RFC6520) which can result in a leak of memory contents.
-
+
A source code patch exists which remedies this problem.
@@ -173,7 +173,7 @@
A use-after-free race condition in OpenSSL's read buffer may permit an attacker
to inject data from one connection into another.
-
+
A source code patch exists which remedies this problem.
@@ -183,7 +183,7 @@
An attacker can trigger generation of an SSL alert which could cause
a null pointer dereference.
-
+
A source code patch exists which remedies this problem.
@@ -198,7 +198,7 @@
Please see the advisory for more information.
-
+
A source code patch exists which remedies this problem.
@@ -209,7 +209,7 @@
This could enable local users to interfere with an open SMTP connection.
This issue was assigned CVE-2014-3956.
-
+
A source code patch exists which remedies this problem.
@@ -218,7 +218,7 @@
All architectures
This patch contains a number of SSL library fixes.
-
+
A source code patch exists which remedies this problem.
@@ -230,7 +230,7 @@
and
dhcpd(8).
-
+
A source code patch exists which remedies this problem.
@@ -239,7 +239,7 @@
All architectures
This patch contains a number of SSL library fixes.
-
+
A source code patch exists which remedies this problem.
@@ -250,7 +250,7 @@
host confusion attacks in some configurations.
This issue was assigned CVE-2014-3616.
-
+
A source code patch exists which remedies this problem.
@@ -260,7 +260,7 @@
Two remotely triggerable memory leaks in OpenSSL can lead to a denial of
service in server applications.
-
+
A source code patch exists which remedies this problem.
@@ -269,7 +269,7 @@
All architectures
Executable headers with an unaligned address will trigger a kernel panic.
-
+
A source code patch exists which remedies this problem.