===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata54.html,v
retrieving revision 1.52
retrieving revision 1.53
diff -u -r1.52 -r1.53
--- www/errata54.html 2017/03/28 04:04:52 1.52
+++ www/errata54.html 2017/03/28 06:41:18 1.53
@@ -83,11 +83,11 @@
--
+
-
001: RELIABILITY FIX: Nov 7, 2013
All architectures
A crash can happen on
-pflow(4)
+pflow(4)
interface destruction.
@@ -95,7 +95,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
002: SECURITY FIX: Nov 7, 2013
All architectures
A memory corruption vulnerability exists in the post-authentication sshd process
@@ -109,7 +109,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
003: RELIABILITY FIX: Nov 11, 2013
All architectures
An unprivileged user may hang the system.
@@ -119,11 +119,11 @@
A source code patch exists which remedies this problem.
-
-
+
-
004: SECURITY FIX: Nov 21, 2013
All architectures
A problem exists in
-nginx(8)
+nginx(8)
which might allow an attacker to bypass security restrictions in certain
configurations by using a specially crafted request.
This issue was assigned CVE-2013-4547.
@@ -132,7 +132,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
005: RELIABILITY FIX: Dec 19, 2013
Strict alignment architectures
In OpenSSL, use of the SHA384 SSL/TLS ciphers may result in a crash of
@@ -143,7 +143,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
006: SECURITY FIX: Jan 10, 2014
All architectures
A BDF font file containing a longer than expected string could overflow
@@ -154,7 +154,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
007: SECURITY FIX: April 8, 2014
All architectures
Missing bounds checking in OpenSSL's implementation of the TLS/DTLS
@@ -164,7 +164,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
008: SECURITY FIX: April 12, 2014
All architectures
A use-after-free race condition in OpenSSL's read buffer may permit an attacker
@@ -174,7 +174,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
009: RELIABILITY FIX: May 1, 2014
All architectures
An attacker can trigger generation of an SSL alert which could cause
@@ -184,7 +184,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
010: SECURITY FIX: May 24, 2014
All architectures with X server
X Font Service Protocol & Font metadata file handling issues in libXfont
@@ -199,7 +199,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
011: SECURITY FIX: June 5, 2014
All architectures
Sendmail was not properly closing file descriptions before executing programs.
@@ -210,7 +210,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
012: SECURITY FIX: June 6, 2014
All architectures
This patch contains a number of SSL library fixes.
@@ -219,19 +219,19 @@
A source code patch exists which remedies this problem.
-
-
+
-
013: RELIABILITY FIX: July 30, 2014
All architectures
Packets with illegal DHCP options can lead to memory exhaustion of
-dhclient(8)
+dhclient(8)
and
-dhcpd(8).
+dhcpd(8).
A source code patch exists which remedies this problem.
-
-
+
-
014: SECURITY FIX: August 9, 2014
All architectures
This patch contains a number of SSL library fixes.
@@ -240,7 +240,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
015: SECURITY FIX: October 1, 2014
All architectures
nginx can reuse cached SSL sessions in unrelated contexts, allowing virtual
@@ -251,7 +251,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
016: RELIABILITY FIX: October 20, 2014
All architectures
Two remotely triggerable memory leaks in OpenSSL can lead to a denial of
@@ -261,7 +261,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
017: RELIABILITY FIX: October 20, 2014
All architectures
Executable headers with an unaligned address will trigger a kernel panic.