===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata56.html,v
retrieving revision 1.15
retrieving revision 1.16
diff -c -r1.15 -r1.16
*** www/errata56.html	2015/01/13 19:47:25	1.15
--- www/errata56.html	2015/02/14 04:36:51	1.16
***************
*** 82,88 ****
  
  <ul>
  
! <li><a name="001_rxr"></a>
  <font color="#009000"><strong>001: RELIABILITY FIX: September 5, 2014</strong></font>
  &nbsp; <i>All architectures</i><br>
  Incorrect RX ring computation leads to panics under load with bge(4), em(4) and ix(4).
--- 82,88 ----
  
  <ul>
  
! <li id="001_rxr">
  <font color="#009000"><strong>001: RELIABILITY FIX: September 5, 2014</strong></font>
  &nbsp; <i>All architectures</i><br>
  Incorrect RX ring computation leads to panics under load with bge(4), em(4) and ix(4).
***************
*** 91,97 ****
  A source code patch exists which remedies this problem.</a>
  <p>
  
! <li><a name="002_nd6"></a>
  <font color="#009000"><strong>002: RELIABILITY FIX: October 1, 2014</strong></font>
  &nbsp; <i>All architectures</i><br>
  If IPv6 autoconf is active on an interface and the autoconfprivacy extension is used,
--- 91,97 ----
  A source code patch exists which remedies this problem.</a>
  <p>
  
! <li id="002_nd6">
  <font color="#009000"><strong>002: RELIABILITY FIX: October 1, 2014</strong></font>
  &nbsp; <i>All architectures</i><br>
  If IPv6 autoconf is active on an interface and the autoconfprivacy extension is used,
***************
*** 105,111 ****
  A source code patch exists which remedies this problem.</a>
  <p>
  
! <li><a name="003_nginx"></a>
  <font color="#009000"><strong>003: SECURITY FIX: October 1, 2014</strong></font>
  &nbsp; <i>All architectures</i><br>
  nginx can reuse cached SSL sessions in unrelated contexts, allowing virtual
--- 105,111 ----
  A source code patch exists which remedies this problem.</a>
  <p>
  
! <li id="003_nginx">
  <font color="#009000"><strong>003: SECURITY FIX: October 1, 2014</strong></font>
  &nbsp; <i>All architectures</i><br>
  nginx can reuse cached SSL sessions in unrelated contexts, allowing virtual
***************
*** 116,122 ****
  A source code patch exists which remedies this problem.</a>
  <p>
  
! <li><a name="004_kernexec"></a>
  <font color="#009000"><strong>004: RELIABILITY FIX: October 20, 2014</strong></font>
  &nbsp; <i>All architectures</i><br>
  Executable headers with an unaligned address will trigger a kernel panic.
--- 116,122 ----
  A source code patch exists which remedies this problem.</a>
  <p>
  
! <li id="004_kernexec">
  <font color="#009000"><strong>004: RELIABILITY FIX: October 20, 2014</strong></font>
  &nbsp; <i>All architectures</i><br>
  Executable headers with an unaligned address will trigger a kernel panic.
***************
*** 125,131 ****
  A source code patch exists which remedies this problem.</a>
  <p>
  
! <li><a name="005_nosslv3"></a>
  <font color="#009000"><strong>005: SECURITY FIX: October 20, 2014</strong></font>
  &nbsp; <i>All architectures</i><br>
  This patch disables the SSLv3 protocol by default.
--- 125,131 ----
  A source code patch exists which remedies this problem.</a>
  <p>
  
! <li id="005_nosslv3">
  <font color="#009000"><strong>005: SECURITY FIX: October 20, 2014</strong></font>
  &nbsp; <i>All architectures</i><br>
  This patch disables the SSLv3 protocol by default.
***************
*** 140,146 ****
  A source code patch exists which remedies this problem.</a>
  <p>
  
! <li><a name="006_relayd"></a>
  <font color="#009000"><strong>006: RELIABILITY FIX: November 17, 2014</strong></font>
  &nbsp; <i>All architectures</i><br>
  Certain http requests can crash relayd.
--- 140,146 ----
  A source code patch exists which remedies this problem.</a>
  <p>
  
! <li id="006_relayd">
  <font color="#009000"><strong>006: RELIABILITY FIX: November 17, 2014</strong></font>
  &nbsp; <i>All architectures</i><br>
  Certain http requests can crash relayd.
***************
*** 149,155 ****
  A source code patch exists which remedies this problem.</a>
  <p>
  
! <li><a name="007_pfctl"></a>
  <font color="#009000"><strong>007: RELIABILITY FIX: November 17, 2014</strong></font>
  &nbsp; <i>All architectures</i><br>
  A PF rule using an IPv4 address
--- 149,155 ----
  A source code patch exists which remedies this problem.</a>
  <p>
  
! <li id="007_pfctl">
  <font color="#009000"><strong>007: RELIABILITY FIX: November 17, 2014</strong></font>
  &nbsp; <i>All architectures</i><br>
  A PF rule using an IPv4 address
***************
*** 161,167 ****
  A source code patch exists which remedies this problem.</a>
  <p>
  
! <li><a name="008_asr"></a>
  <font color="#009000"><strong>008: RELIABILITY FIX: November 17, 2014</strong></font>
  &nbsp; <i>All architectures</i><br>
  Querying an invalid hostname with gethostbyname(3) could cause a NULL deref.
--- 161,167 ----
  A source code patch exists which remedies this problem.</a>
  <p>
  
! <li id="008_asr">
  <font color="#009000"><strong>008: RELIABILITY FIX: November 17, 2014</strong></font>
  &nbsp; <i>All architectures</i><br>
  Querying an invalid hostname with gethostbyname(3) could cause a NULL deref.
***************
*** 170,176 ****
  A source code patch exists which remedies this problem.</a>
  <p>
  
! <li><a name="009_httpd"></a>
  <font color="#009000"><strong>009: RELIABILITY FIX: November 18, 2014</strong></font>
  &nbsp; <i>All architectures</i><br>
  httpd was developed very rapidly in the weeks before 5.6 release, and
--- 170,176 ----
  A source code patch exists which remedies this problem.</a>
  <p>
  
! <li id="009_httpd">
  <font color="#009000"><strong>009: RELIABILITY FIX: November 18, 2014</strong></font>
  &nbsp; <i>All architectures</i><br>
  httpd was developed very rapidly in the weeks before 5.6 release, and
***************
*** 183,189 ****
  A source code patch exists which remedies this problem.</a>
  <p>
  
! <li><a name="010_pipex"></a>
  <font color="#009000"><strong>010: RELIABILITY FIX: December 5, 2014</strong></font>
  &nbsp; <i>All architectures</i><br>
  Several bugs were fixed that allowed a crash from remote when an active pipex
--- 183,189 ----
  A source code patch exists which remedies this problem.</a>
  <p>
  
! <li id="010_pipex">
  <font color="#009000"><strong>010: RELIABILITY FIX: December 5, 2014</strong></font>
  &nbsp; <i>All architectures</i><br>
  Several bugs were fixed that allowed a crash from remote when an active pipex
***************
*** 193,199 ****
  A source code patch exists which remedies this problem.</a>
  <p>
  
! <li><a name="011_pppoe"></a>
  <font color="#009000"><strong>011: RELIABILITY FIX: December 5, 2014</strong></font>
  &nbsp; <i>All architectures</i><br>
  An incorrect memcpy call would result in corrupted MAC addresses when
--- 193,199 ----
  A source code patch exists which remedies this problem.</a>
  <p>
  
! <li id="011_pppoe">
  <font color="#009000"><strong>011: RELIABILITY FIX: December 5, 2014</strong></font>
  &nbsp; <i>All architectures</i><br>
  An incorrect memcpy call would result in corrupted MAC addresses when
***************
*** 203,209 ****
  A source code patch exists which remedies this problem.</a>
  <p>
  
! <li><a name="012_unbound"></a>
  <font color="#009000"><strong>012: RELIABILITY FIX: December 9, 2014</strong></font>
  &nbsp; <i>All architectures</i><br>
  Fix a denial of service where a malicious authority could make the resolver chase an
--- 203,209 ----
  A source code patch exists which remedies this problem.</a>
  <p>
  
! <li id="012_unbound">
  <font color="#009000"><strong>012: RELIABILITY FIX: December 9, 2014</strong></font>
  &nbsp; <i>All architectures</i><br>
  Fix a denial of service where a malicious authority could make the resolver chase an
***************
*** 213,219 ****
  A source code patch exists which remedies this problem.</a>
  <p>
  
! <li><a name="013_virtio"></a>
  <font color="#009000"><strong>013: RELIABILITY FIX: December 9, 2014</strong></font>
  &nbsp; <i>All architectures</i><br>
  Missing memory barriers in virtio(4) can lead to hangs with virtio devices,
--- 213,219 ----
  A source code patch exists which remedies this problem.</a>
  <p>
  
! <li id="013_virtio">
  <font color="#009000"><strong>013: RELIABILITY FIX: December 9, 2014</strong></font>
  &nbsp; <i>All architectures</i><br>
  Missing memory barriers in virtio(4) can lead to hangs with virtio devices,
***************
*** 223,229 ****
  A source code patch exists which remedies this problem.</a>
  <p>
  
! <li><a name="014_xserver"></a>
  <font color="#009000"><strong>014: SECURITY FIX: December 9, 2014</strong></font>
  &nbsp; <i>All architectures</i><br>
  One year after Ilja van Sprundel discovered and reported a large number
--- 223,229 ----
  A source code patch exists which remedies this problem.</a>
  <p>
  
! <li id="014_xserver">
  <font color="#009000"><strong>014: SECURITY FIX: December 9, 2014</strong></font>
  &nbsp; <i>All architectures</i><br>
  One year after Ilja van Sprundel discovered and reported a large number
***************
*** 236,242 ****
  A source code patch exists which remedies this problem.</a>
  <p>
  
! <li><a name="015_libevent"></a>
  <font color="#009000"><strong>015: SECURITY FIX: January 13, 2015</strong></font>
  &nbsp; <i>All architectures</i><br>
  Fix CVE-2014-6272 in libevent 1.4 event buffer handling.  OpenBSD
--- 236,242 ----
  A source code patch exists which remedies this problem.</a>
  <p>
  
! <li id="015_libevent">
  <font color="#009000"><strong>015: SECURITY FIX: January 13, 2015</strong></font>
  &nbsp; <i>All architectures</i><br>
  Fix CVE-2014-6272 in libevent 1.4 event buffer handling.  OpenBSD