===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata57.html,v
retrieving revision 1.41
retrieving revision 1.42
diff -c -r1.41 -r1.42
*** www/errata57.html 2016/08/15 02:22:06 1.41
--- www/errata57.html 2016/10/16 19:11:30 1.42
***************
*** 70,76 ****
--- 70,76 ----
***************
*** 105,111 ****
For more information, see the
X.org advisory.
!
A source code patch exists which remedies this problem.
Note that the instructions should read cd /usr/xenocara/lib/libXfont
.
--- 105,111 ----
For more information, see the
X.org advisory.
!
A source code patch exists which remedies this problem.
Note that the instructions should read cd /usr/xenocara/lib/libXfont
.
***************
*** 125,131 ****
For more information, see the
OpenSSL advisory.
!
A source code patch exists which remedies this problem.
--- 125,131 ----
For more information, see the
OpenSSL advisory.
!
A source code patch exists which remedies this problem.
***************
*** 135,141 ****
Fix a logic error in smtpd handling of SNI.
This could allow a remote user to crash the server or provoke a disconnect of other sessions.
!
A source code patch exists which remedies this problem.
--- 135,141 ----
Fix a logic error in smtpd handling of SNI.
This could allow a remote user to crash the server or provoke a disconnect of other sessions.
!
A source code patch exists which remedies this problem.
***************
*** 145,151 ****
A remote user can crash httpd by forcing the daemon to log to a file
before the logging system was initialized.
!
A source code patch exists which remedies this problem.
--- 145,151 ----
A remote user can crash httpd by forcing the daemon to log to a file
before the logging system was initialized.
!
A source code patch exists which remedies this problem.
***************
*** 154,160 ****
All architectures
Malformed binaries could trigger kernel panics or view kernel memory.
!
A source code patch exists which remedies this problem.
--- 154,160 ----
All architectures
Malformed binaries could trigger kernel panics or view kernel memory.
!
A source code patch exists which remedies this problem.
*************** *** 169,175 ****
--- 169,175 ----
*************** *** 181,187 ****
--- 181,187 ----
***************
*** 199,205 ****
For more information, see the
OpenSSL advisory.
!
A source code patch exists which remedies this problem.
--- 199,205 ----
For more information, see the
OpenSSL advisory.
!
A source code patch exists which remedies this problem.
***************
*** 208,214 ****
All architectures
A TCP socket can become confused and not properly cleanup resources.
!
A source code patch exists which remedies this problem.
--- 208,214 ----
All architectures
A TCP socket can become confused and not properly cleanup resources.
!
A source code patch exists which remedies this problem.
***************
*** 218,224 ****
A kernel memory leak could be triggered by an unprivileged user in
a failure case when using execve under systrace.
!
A source code patch exists which remedies this problem.
--- 218,224 ----
A kernel memory leak could be triggered by an unprivileged user in
a failure case when using execve under systrace.
!
A source code patch exists which remedies this problem.
***************
*** 229,235 ****
the obsolete RCS support when processing a crafted input file.
This patch deletes the RCS support.
!
A source code patch exists which remedies this problem.
--- 229,235 ----
the obsolete RCS support when processing a crafted input file.
This patch deletes the RCS support.
!
A source code patch exists which remedies this problem.
***************
*** 238,244 ****
All architectures
The patch utility could become desyncronized processing ed(1)-style diffs.
!
A source code patch exists which remedies this problem.
--- 238,244 ----
All architectures
The patch utility could become desyncronized processing ed(1)-style diffs.
!
A source code patch exists which remedies this problem.
***************
*** 248,254 ****
A change to sshd resulted in incorrect permissions being applied to pseudo
terminal devices, allowing local users to write to (but not read from) them.
!
A source code patch exists which remedies this problem.
--- 248,254 ----
A change to sshd resulted in incorrect permissions being applied to pseudo
terminal devices, allowing local users to write to (but not read from) them.
!
A source code patch exists which remedies this problem.
***************
*** 258,264 ****
Various problems were identified in relayd and merged back from
current to 5.7 in this maintanance update.
!
A source code patch exists which remedies this problem.
--- 258,264 ----
Various problems were identified in relayd and merged back from
current to 5.7 in this maintanance update.
!
A source code patch exists which remedies this problem.
***************
*** 267,273 ****
All architectures
An incorrect operation in uvm could result in system panics.
!
A source code patch exists which remedies this problem.
--- 267,273 ----
All architectures
An incorrect operation in uvm could result in system panics.
!
A source code patch exists which remedies this problem.
*************** *** 286,292 ****
--- 286,292 ----
***************
*** 295,301 ****
All architectures
A problem with timer kevents could result in a kernel hang (local denial
of service).
!
A source code patch exists which remedies this problem.
--- 295,301 ----
All architectures
A problem with timer kevents could result in a kernel hang (local denial
of service).
!
A source code patch exists which remedies this problem.
***************
*** 304,310 ****
All architectures
The OBJ_obj2txt function in libcrypto contains a one byte buffer overrun
and memory leak, as reported by Qualys Security.
!
A source code patch exists which remedies this problem.
--- 304,310 ----
All architectures
The OBJ_obj2txt function in libcrypto contains a one byte buffer overrun
and memory leak, as reported by Qualys Security.
!
A source code patch exists which remedies this problem.
***************
*** 313,319 ****
All architectures
Insufficient validation of RSN element group cipher values in 802.11
beacons and probe responses could result in system panics.
!
A source code patch exists which remedies this problem.
--- 313,319 ----
All architectures
Insufficient validation of RSN element group cipher values in 802.11
beacons and probe responses could result in system panics.
!
A source code patch exists which remedies this problem.
***************
*** 322,328 ****
All architectures
A NULL pointer deference could be triggered by a crafted certificate sent to
services configured to verify client certificates on TLS/SSL connections.
!
A source code patch exists which remedies this problem.
--- 322,328 ----
All architectures
A NULL pointer deference could be triggered by a crafted certificate sent to
services configured to verify client certificates on TLS/SSL connections.
!
A source code patch exists which remedies this problem.
***************
*** 335,354 ****
Prevent this problem immediately by adding the line "UseRoaming no" to
/etc/ssh/ssh_config.
!
A source code patch exists which remedies this problem.
--- 335,354 ----
Prevent this problem immediately by adding the line "UseRoaming no" to
/etc/ssh/ssh_config.
!
A source code patch exists which remedies this problem.
***************
*** 359,365 ****
processing allow a local user to send UDP packets with a source
(IPv6 address + port) already reserved by another user.
!
A source code patch exists which remedies this problem.
--- 359,365 ----
processing allow a local user to send UDP packets with a source
(IPv6 address + port) already reserved by another user.
!
A source code patch exists which remedies this problem.