===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata56.html,v
retrieving revision 1.47
retrieving revision 1.48
diff -c -r1.47 -r1.48
*** www/errata56.html 2016/08/15 02:22:06 1.47
--- www/errata56.html 2016/10/16 19:11:30 1.48
***************
*** 70,76 ****
--- 70,76 ----
***************
*** 92,98 ****
All architectures
Incorrect RX ring computation leads to panics under load with bge(4), em(4) and ix(4).
!
A source code patch exists which remedies this problem.
--- 92,98 ----
All architectures
Incorrect RX ring computation leads to panics under load with bge(4), em(4) and ix(4).
!
A source code patch exists which remedies this problem.
*************** *** 106,112 ****
# ifconfig em0 -autoconfprivacy! A source code patch exists which remedies this problem.
--- 106,112 ----
# ifconfig em0 -autoconfprivacy! A source code patch exists which remedies this problem.
***************
*** 117,123 ****
host confusion attacks in some configurations.
This issue was assigned CVE-2014-3616.
!
A source code patch exists which remedies this problem.
--- 117,123 ----
host confusion attacks in some configurations.
This issue was assigned CVE-2014-3616.
!
A source code patch exists which remedies this problem.
***************
*** 126,132 ****
All architectures
Executable headers with an unaligned address will trigger a kernel panic.
!
A source code patch exists which remedies this problem.
--- 126,132 ----
All architectures
Executable headers with an unaligned address will trigger a kernel panic.
!
A source code patch exists which remedies this problem.
*************** *** 141,147 **** but we recommend against the continued use of this obsolete protocol.
! A source code patch exists which remedies this problem.
--- 141,147 ---- but we recommend against the continued use of this obsolete protocol.
! A source code patch exists which remedies this problem.
***************
*** 150,156 ****
All architectures
Certain http requests can crash relayd.
!
A source code patch exists which remedies this problem.
--- 150,156 ----
All architectures
Certain http requests can crash relayd.
!
A source code patch exists which remedies this problem.
***************
*** 162,168 ****
from {192.0.2.1 2001:db8::1} to (pppoe0)", will have an incorrect /32
mask applied to the dynamic address.
!
A source code patch exists which remedies this problem.
--- 162,168 ----
from {192.0.2.1 2001:db8::1} to (pppoe0)", will have an incorrect /32
mask applied to the dynamic address.
!
A source code patch exists which remedies this problem.
***************
*** 171,177 ****
All architectures
Querying an invalid hostname with gethostbyname(3) could cause a NULL deref.
!
A source code patch exists which remedies this problem.
--- 171,177 ----
All architectures
Querying an invalid hostname with gethostbyname(3) could cause a NULL deref.
!
A source code patch exists which remedies this problem.
***************
*** 184,190 ****
want to use it. Therefore here is a "jumbo" patch that brings in the
most important fixes.
!
A source code patch exists which remedies this problem.
Unfortunately the source tree found on the CD set contains a slightly different
--- 184,190 ----
want to use it. Therefore here is a "jumbo" patch that brings in the
most important fixes.
!
A source code patch exists which remedies this problem.
Unfortunately the source tree found on the CD set contains a slightly different
***************
*** 199,205 ****
Several bugs were fixed that allowed a crash from remote when an active pipex
session exists.
!
A source code patch exists which remedies this problem.
--- 199,205 ----
Several bugs were fixed that allowed a crash from remote when an active pipex
session exists.
!
A source code patch exists which remedies this problem.
***************
*** 209,215 ****
An incorrect memcpy call would result in corrupted MAC addresses when
using PPPOE.
!
A source code patch exists which remedies this problem.
--- 209,215 ----
An incorrect memcpy call would result in corrupted MAC addresses when
using PPPOE.
!
A source code patch exists which remedies this problem.
***************
*** 219,225 ****
Fix a denial of service where a malicious authority could make the resolver chase an
endless series of delegations. (CVE-2014-8602)
!
A source code patch exists which remedies this problem.
--- 219,225 ----
Fix a denial of service where a malicious authority could make the resolver chase an
endless series of delegations. (CVE-2014-8602)
!
A source code patch exists which remedies this problem.
***************
*** 229,235 ****
Missing memory barriers in virtio(4) can lead to hangs with virtio devices,
like vio(4) and vioblk(4).
!
A source code patch exists which remedies this problem.
--- 229,235 ----
Missing memory barriers in virtio(4) can lead to hangs with virtio devices,
like vio(4) and vioblk(4).
!
A source code patch exists which remedies this problem.
***************
*** 242,248 ****
X Advisory
!
A source code patch exists which remedies this problem.
--- 242,248 ----
X Advisory
!
A source code patch exists which remedies this problem.
***************
*** 255,261 ****
Libevent Advisory
!
A source code patch exists which remedies this problem.
--- 255,261 ----
Libevent Advisory
!
A source code patch exists which remedies this problem.
***************
*** 267,273 ****
For more information, see the
X.org advisory.
!
A source code patch exists which remedies this problem.
--- 267,273 ----
For more information, see the
X.org advisory.
!
A source code patch exists which remedies this problem.
***************
*** 276,282 ****
All architectures
Don't permit TLS client connections to be downgraded to weak keys.
!
A source code patch exists which remedies this problem.
--- 276,282 ----
All architectures
Don't permit TLS client connections to be downgraded to weak keys.
!
A source code patch exists which remedies this problem.
***************
*** 285,291 ****
All architectures
Another fix for buffer overflows in malformed fonts.
!
A source code patch exists which remedies this problem.
--- 285,291 ----
All architectures
Another fix for buffer overflows in malformed fonts.
!
A source code patch exists which remedies this problem.
***************
*** 297,303 ****
For more information, see the
X.org advisory.
!
A source code patch exists which remedies this problem.
Note that the instructions should read cd /usr/xenocara/lib/libXfont
.
--- 297,303 ----
For more information, see the
X.org advisory.
!
A source code patch exists which remedies this problem.
Note that the instructions should read cd /usr/xenocara/lib/libXfont
.
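Review bot: In the 297,303 hunk the correction "Note that the instructions should read cd /usr/xenocara/lib/libXfont" is carried over unchanged after "A source code patch exists which remedies this problem.", so a reader reaches the patch before learning that its instructions need correcting. Since this revision already edits the line just above that sentence, consider moving the note ahead of it, or quoting what the patch's instructions currently say so the discrepancy is explicit.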
***************
*** 317,323 ****
For more information, see the
OpenSSL advisory.
!
A source code patch exists which remedies this problem.
--- 317,323 ----
For more information, see the
OpenSSL advisory.
!
A source code patch exists which remedies this problem.
***************
*** 327,333 ****
Fix a logic error in smtpd handling of SNI.
This could allow a remote user to crash the server or provoke a disconnect of other sessions.
!
A source code patch exists which remedies this problem.
--- 327,333 ----
Fix a logic error in smtpd handling of SNI.
This could allow a remote user to crash the server or provoke a disconnect of other sessions.
!
A source code patch exists which remedies this problem.
***************
*** 337,343 ****
A remote user can crash httpd by forcing the daemon to log to a file
before the logging system was initialized.
!
A source code patch exists which remedies this problem.
--- 337,343 ----
A remote user can crash httpd by forcing the daemon to log to a file
before the logging system was initialized.
!
A source code patch exists which remedies this problem.
***************
*** 346,352 ****
All architectures
Malformed binaries could trigger kernel panics or view kernel memory.
!
A source code patch exists which remedies this problem.
--- 346,352 ----
All architectures
Malformed binaries could trigger kernel panics or view kernel memory.
!
A source code patch exists which remedies this problem.
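Review bot: The context line "Malformed binaries could trigger kernel panics or view kernel memory." in the 346,352 hunk makes the binary the subject of "view", which obscures who gains the read access. While this entry is being edited, consider rewording it to something like "could trigger kernel panics or allow kernel memory to be viewed".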
*************** *** 361,367 ****
--- 361,367 ----
*************** *** 373,379 ****
--- 373,379 ----
***************
*** 391,397 ****
For more information, see the
OpenSSL advisory.
!
A source code patch exists which remedies this problem.
--- 391,397 ----
For more information, see the
OpenSSL advisory.
!
A source code patch exists which remedies this problem.
***************
*** 400,406 ****
All architectures
A TCP socket can become confused and not properly cleanup resources.
!
A source code patch exists which remedies this problem.
--- 400,406 ----
All architectures
A TCP socket can become confused and not properly cleanup resources.
!
A source code patch exists which remedies this problem.
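Review bot: The context line "A TCP socket can become confused and not properly cleanup resources." in the 400,406 hunk uses "cleanup" as a verb and gives no consequence. Suggest "clean up" and, as the 458,464 entry does with "(local denial of service)", stating the impact in the same sentence.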
***************
*** 410,416 ****
A kernel memory leak could be triggered by an unprivileged user in
a failure case when using execve under systrace.
!
A source code patch exists which remedies this problem.
--- 410,416 ----
A kernel memory leak could be triggered by an unprivileged user in
a failure case when using execve under systrace.
!
A source code patch exists which remedies this problem.
***************
*** 421,427 ****
the obsolete SCCS and RCS support when processing a crafted input file.
This patch deletes the SCCS and RCS support.
!
A source code patch exists which remedies this problem.
--- 421,427 ----
the obsolete SCCS and RCS support when processing a crafted input file.
This patch deletes the SCCS and RCS support.
!
A source code patch exists which remedies this problem.
***************
*** 430,436 ****
All architectures
The patch utility could become desyncronized processing ed(1)-style diffs.
!
A source code patch exists which remedies this problem.
--- 430,436 ----
All architectures
The patch utility could become desyncronized processing ed(1)-style diffs.
!
A source code patch exists which remedies this problem.
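Review bot: "desyncronized" in the context line "The patch utility could become desyncronized processing ed(1)-style diffs." of the 430,436 hunk is misspelled and survives this revision on both sides. Since the entry is touched anyway, correct it to "desynchronized", and consider "while processing" for readability.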
*************** *** 449,455 ****
--- 449,455 ----
***************
*** 458,464 ****
All architectures
A problem with timer kevents could result in a kernel hang (local denial
of service).
!
A source code patch exists which remedies this problem.
--- 458,464 ----
All architectures
A problem with timer kevents could result in a kernel hang (local denial
of service).
!
A source code patch exists which remedies this problem.
***************
*** 467,473 ****
All architectures
The OBJ_obj2txt function in libcrypto contains a one byte buffer overrun
and memory leak, as reported by Qualys Security.
!
A source code patch exists which remedies this problem.
--- 467,473 ----
All architectures
The OBJ_obj2txt function in libcrypto contains a one byte buffer overrun
and memory leak, as reported by Qualys Security.
!
A source code patch exists which remedies this problem.