===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata55.html,v
retrieving revision 1.30
retrieving revision 1.31
diff -u -r1.30 -r1.31
--- www/errata55.html 2015/01/13 19:47:25 1.30
+++ www/errata55.html 2015/02/14 04:36:51 1.31
@@ -83,7 +83,7 @@
--
+
-
001: RELIABILITY FIX: March 15, 2014
All architectures
Memory corruption happens during
@@ -93,7 +93,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
002: SECURITY FIX: April 8, 2014
All architectures
Missing bounds checking in OpenSSL's implementation of the TLS/DTLS
@@ -103,7 +103,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
003: SECURITY FIX: April 9, 2014
All architectures
Missing hostname check for HTTPS connections in the
@@ -114,7 +114,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
004: SECURITY FIX: April 12, 2014
All architectures
A use-after-free race condition in OpenSSL's read buffer may permit an attacker
@@ -124,7 +124,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
005: RELIABILITY FIX: May 1, 2014
All architectures
An attacker can trigger generation of an SSL alert which could cause
@@ -134,7 +134,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
006: SECURITY FIX: May 24, 2014
All architectures with X server
X Font Service Protocol & Font metadata file handling issues in libXfont
@@ -149,7 +149,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
007: SECURITY FIX: June 5, 2014
All architectures
Sendmail was not properly closing file descriptions before executing programs.
@@ -160,7 +160,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
008: SECURITY FIX: June 6, 2014
All architectures
This patch contains a number of SSL library fixes.
@@ -169,7 +169,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
009: RELIABILITY FIX: July 30, 2014
All architectures
Packets with illegal DHCP options can lead to memory exhaustion of
@@ -181,7 +181,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
010: SECURITY FIX: August 9, 2014
All architectures
This patch contains a number of SSL library fixes.
@@ -190,7 +190,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
011: SECURITY FIX: October 1, 2014
All architectures
nginx can reuse cached SSL sessions in unrelated contexts, allowing virtual
@@ -201,7 +201,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
012: RELIABILITY FIX: October 20, 2014
All architectures
Two remotely triggerable memory leaks in OpenSSL can lead to a denial of
@@ -211,7 +211,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
013: RELIABILITY FIX: October 20, 2014
All architectures
Executable headers with an unaligned address will trigger a kernel panic.
@@ -220,7 +220,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
014: RELIABILITY FIX: November 17, 2014
All architectures
A PF rule using an IPv4 address
@@ -232,7 +232,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
015: RELIABILITY FIX: November 17, 2014
All architectures
Querying an invalid hostname with gethostbyname(3) could cause a NULL deref.
@@ -241,7 +241,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
016: RELIABILITY FIX: December 5, 2014
All architectures
Several bugs were fixed that allowed a crash from remote when an active pipex
@@ -251,7 +251,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
017: RELIABILITY FIX: December 5, 2014
All architectures
An incorrect memcpy call would result in corrupted MAC addresses when
@@ -261,7 +261,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
018: RELIABILITY FIX: December 9, 2014
All architectures
Several bugs in virtio(4) can lead to hangs with virtio devices,
@@ -271,7 +271,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
019: SECURITY FIX: December 9, 2014
All architectures
One year after Ilja van Sprundel discovered and reported a large number
@@ -284,7 +284,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
020: SECURITY FIX: January 13, 2015
All architectures
Fix CVE-2014-6272 in libevent 1.4 event buffer handling. OpenBSD