===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata55.html,v
retrieving revision 1.52
retrieving revision 1.53
diff -c -r1.52 -r1.53
*** www/errata55.html 2017/03/28 04:04:52 1.52
--- www/errata55.html 2017/03/28 06:41:18 1.53
***************
*** 72,78 ****
Patches for the OpenBSD base system are distributed as unified diffs.
Each patch is cryptographically signed with the
! signify(1) tool and contains
usage instructions.
All the following patches are also available in one
tar.gz file
--- 72,78 ----
Patches for the OpenBSD base system are distributed as unified diffs.
Each patch is cryptographically signed with the
! signify(1) tool and contains
usage instructions.
All the following patches are also available in one
tar.gz file
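Review bot: The `!` line at 74 (`signify(1) tool and contains`) reads identically in 1.52 and 1.53 as shown here, so the actual change must be in markup this rendering does not show, and no log message for 1.53 is included. Please say in the commit message what was changed on the signify(1) reference, so the later `!` lines on ftp(1), dhclient(8) and dhcpd(8) can be checked against the same rule.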
***************
*** 86,92 ****
! -
001: RELIABILITY FIX: March 15, 2014
All architectures
Memory corruption happens during
--- 86,92 ----
! -
001: RELIABILITY FIX: March 15, 2014
All architectures
Memory corruption happens during
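Review bot: In this hunk the changed line is the `-` line itself (`! -`), whereas in every later hunk the `!` falls on the empty-looking line before an unchanged `-`. Confirm that entry 001 received the same edit as entries 002 to 025 and that nothing was dropped or merged at the top of the list.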
***************
*** 96,102 ****
A source code patch exists which remedies this problem.
!
-
002: SECURITY FIX: April 8, 2014
All architectures
Missing bounds checking in OpenSSL's implementation of the TLS/DTLS
--- 96,102 ----
A source code patch exists which remedies this problem.
!
-
002: SECURITY FIX: April 8, 2014
All architectures
Missing bounds checking in OpenSSL's implementation of the TLS/DTLS
***************
*** 106,123 ****
A source code patch exists which remedies this problem.
!
-
003: SECURITY FIX: April 9, 2014
All architectures
Missing hostname check for HTTPS connections in the
! ftp(1)
utility.
A source code patch exists which remedies this problem.
!
-
004: SECURITY FIX: April 12, 2014
All architectures
A use-after-free race condition in OpenSSL's read buffer may permit an attacker
--- 106,123 ----
A source code patch exists which remedies this problem.
!
-
003: SECURITY FIX: April 9, 2014
All architectures
Missing hostname check for HTTPS connections in the
! ftp(1)
utility.
A source code patch exists which remedies this problem.
!
-
004: SECURITY FIX: April 12, 2014
All architectures
A use-after-free race condition in OpenSSL's read buffer may permit an attacker
***************
*** 127,133 ****
A source code patch exists which remedies this problem.
!
-
005: RELIABILITY FIX: May 1, 2014
All architectures
An attacker can trigger generation of an SSL alert which could cause
--- 127,133 ----
A source code patch exists which remedies this problem.
!
-
005: RELIABILITY FIX: May 1, 2014
All architectures
An attacker can trigger generation of an SSL alert which could cause
***************
*** 137,143 ****
A source code patch exists which remedies this problem.
!
-
006: SECURITY FIX: May 24, 2014
All architectures with X server
X Font Service Protocol & Font metadata file handling issues in libXfont
--- 137,143 ----
A source code patch exists which remedies this problem.
!
-
006: SECURITY FIX: May 24, 2014
All architectures with X server
X Font Service Protocol & Font metadata file handling issues in libXfont
***************
*** 152,158 ****
A source code patch exists which remedies this problem.
!
-
007: SECURITY FIX: June 5, 2014
All architectures
Sendmail was not properly closing file descriptions before executing programs.
--- 152,158 ----
A source code patch exists which remedies this problem.
!
-
007: SECURITY FIX: June 5, 2014
All architectures
Sendmail was not properly closing file descriptions before executing programs.
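Review bot: The 007 context line says "closing file descriptions before executing programs", which reads like a typo for "file descriptors", since those are what a process closes before exec. Worth correcting in the same pass while this entry is being touched.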
***************
*** 163,169 ****
A source code patch exists which remedies this problem.
!
-
008: SECURITY FIX: June 6, 2014
All architectures
This patch contains a number of SSL library fixes.
--- 163,169 ----
A source code patch exists which remedies this problem.
!
-
008: SECURITY FIX: June 6, 2014
All architectures
This patch contains a number of SSL library fixes.
***************
*** 172,190 ****
A source code patch exists which remedies this problem.
!
-
009: RELIABILITY FIX: July 30, 2014
All architectures
Packets with illegal DHCP options can lead to memory exhaustion of
! dhclient(8)
and
! dhcpd(8).
A source code patch exists which remedies this problem.
!
-
010: SECURITY FIX: August 9, 2014
All architectures
This patch contains a number of SSL library fixes.
--- 172,190 ----
A source code patch exists which remedies this problem.
!
-
009: RELIABILITY FIX: July 30, 2014
All architectures
Packets with illegal DHCP options can lead to memory exhaustion of
! dhclient(8)
and
! dhcpd(8).
A source code patch exists which remedies this problem.
!
-
010: SECURITY FIX: August 9, 2014
All architectures
This patch contains a number of SSL library fixes.
***************
*** 193,199 ****
A source code patch exists which remedies this problem.
!
-
011: SECURITY FIX: October 1, 2014
All architectures
nginx can reuse cached SSL sessions in unrelated contexts, allowing virtual
--- 193,199 ----
A source code patch exists which remedies this problem.
!
-
011: SECURITY FIX: October 1, 2014
All architectures
nginx can reuse cached SSL sessions in unrelated contexts, allowing virtual
***************
*** 204,210 ****
A source code patch exists which remedies this problem.
!
-
012: RELIABILITY FIX: October 20, 2014
All architectures
Two remotely triggerable memory leaks in OpenSSL can lead to a denial of
--- 204,210 ----
A source code patch exists which remedies this problem.
!
-
012: RELIABILITY FIX: October 20, 2014
All architectures
Two remotely triggerable memory leaks in OpenSSL can lead to a denial of
***************
*** 214,220 ****
A source code patch exists which remedies this problem.
!
-
013: RELIABILITY FIX: October 20, 2014
All architectures
Executable headers with an unaligned address will trigger a kernel panic.
--- 214,220 ----
A source code patch exists which remedies this problem.
!
-
013: RELIABILITY FIX: October 20, 2014
All architectures
Executable headers with an unaligned address will trigger a kernel panic.
***************
*** 223,229 ****
A source code patch exists which remedies this problem.
!
-
014: RELIABILITY FIX: November 17, 2014
All architectures
A PF rule using an IPv4 address
--- 223,229 ----
A source code patch exists which remedies this problem.
!
-
014: RELIABILITY FIX: November 17, 2014
All architectures
A PF rule using an IPv4 address
***************
*** 235,241 ****
A source code patch exists which remedies this problem.
!
-
015: RELIABILITY FIX: November 17, 2014
All architectures
Querying an invalid hostname with gethostbyname(3) could cause a NULL deref.
--- 235,241 ----
A source code patch exists which remedies this problem.
!
-
015: RELIABILITY FIX: November 17, 2014
All architectures
Querying an invalid hostname with gethostbyname(3) could cause a NULL deref.
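Review bot: In the 015 entry, `gethostbyname(3)` sits on an unchanged context line, while the other manual page references in this diff (signify(1), ftp(1), dhclient(8), dhcpd(8)) are all on `!` lines. If this revision rewrites manual page references, check whether gethostbyname(3) here and virtio(4) in the 018 entry should get the same treatment or are intentionally left as plain text.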
***************
*** 244,250 ****
A source code patch exists which remedies this problem.
!
-
016: RELIABILITY FIX: December 5, 2014
All architectures
Several bugs were fixed that allowed a crash from remote when an active pipex
--- 244,250 ----
A source code patch exists which remedies this problem.
!
-
016: RELIABILITY FIX: December 5, 2014
All architectures
Several bugs were fixed that allowed a crash from remote when an active pipex
***************
*** 254,260 ****
A source code patch exists which remedies this problem.
!
-
017: RELIABILITY FIX: December 5, 2014
All architectures
An incorrect memcpy call would result in corrupted MAC addresses when
--- 254,260 ----
A source code patch exists which remedies this problem.
!
-
017: RELIABILITY FIX: December 5, 2014
All architectures
An incorrect memcpy call would result in corrupted MAC addresses when
***************
*** 264,270 ****
A source code patch exists which remedies this problem.
!
-
018: RELIABILITY FIX: December 9, 2014
All architectures
Several bugs in virtio(4) can lead to hangs with virtio devices,
--- 264,270 ----
A source code patch exists which remedies this problem.
!
-
018: RELIABILITY FIX: December 9, 2014
All architectures
Several bugs in virtio(4) can lead to hangs with virtio devices,
***************
*** 274,280 ****
A source code patch exists which remedies this problem.
!
-
019: SECURITY FIX: December 9, 2014
All architectures
One year after Ilja van Sprundel discovered and reported a large number
--- 274,280 ----
A source code patch exists which remedies this problem.
!
-
019: SECURITY FIX: December 9, 2014
All architectures
One year after Ilja van Sprundel discovered and reported a large number
***************
*** 287,293 ****
A source code patch exists which remedies this problem.
!
-
020: SECURITY FIX: January 13, 2015
All architectures
Fix CVE-2014-6272 in libevent 1.4 event buffer handling. OpenBSD
--- 287,293 ----
A source code patch exists which remedies this problem.
!
-
020: SECURITY FIX: January 13, 2015
All architectures
Fix CVE-2014-6272 in libevent 1.4 event buffer handling. OpenBSD
***************
*** 300,306 ****
A source code patch exists which remedies this problem.
!
-
021: SECURITY FIX: March 3, 2015
All architectures
Information leak in the XkbSetGeometry request of X servers.
--- 300,306 ----
A source code patch exists which remedies this problem.
!
-
021: SECURITY FIX: March 3, 2015
All architectures
Information leak in the XkbSetGeometry request of X servers.
***************
*** 312,318 ****
A source code patch exists which remedies this problem.
!
-
022: SECURITY FIX: March 13, 2015
All architectures
Another fix for buffer overflows in malformed fonts.
--- 312,318 ----
A source code patch exists which remedies this problem.
!
-
022: SECURITY FIX: March 13, 2015
All architectures
Another fix for buffer overflows in malformed fonts.
***************
*** 321,327 ****
A source code patch exists which remedies this problem.
!
-
023: SECURITY FIX: March 18, 2015
All architectures
Buffer overflows in libXfont
--- 321,327 ----
A source code patch exists which remedies this problem.
!
-
023: SECURITY FIX: March 18, 2015
All architectures
Buffer overflows in libXfont
***************
*** 334,340 ****
Note that the instructions should read cd /usr/xenocara/lib/libXfont
.
!
-
024: SECURITY FIX: March 19, 2015
All architectures
Fix two possible crash causing defects.
--- 334,340 ----
Note that the instructions should read cd /usr/xenocara/lib/libXfont
.
!
-
024: SECURITY FIX: March 19, 2015
All architectures
Fix two possible crash causing defects.
***************
*** 349,355 ****
Note that instructions should read cd /usr/src/lib/libssl/crypto
.
!
-
025: RELIABILITY FIX: April 17, 2015
All architectures
Fix a logic error in smtpd handling of SNI.
--- 349,355 ----
Note that instructions should read cd /usr/src/lib/libssl/crypto
.
!
-
025: RELIABILITY FIX: April 17, 2015
All architectures
Fix a logic error in smtpd handling of SNI.
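Review bot: The correction note in the context above entry 025 reads "Note that instructions should read cd /usr/src/lib/libssl/crypto", while the equivalent note above entry 024 reads "Note that the instructions should read ...". Use one wording for both. Since these notes correct the usage instructions carried inside the patches, it would also help to state which patch number each note applies to.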