=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/errata58.html,v retrieving revision 1.32 retrieving revision 1.33 diff -c -r1.32 -r1.33 *** www/errata58.html 2016/08/15 02:22:06 1.32 --- www/errata58.html 2016/10/16 19:11:30 1.33 *************** *** 70,76 ****

! You can also fetch a tar.gz file containing all the following patches. This file is updated once a day.

--- 70,76 ----

! You can also fetch a tar.gz file containing all the following patches. This file is updated once a day.

*************** *** 93,99 **** Inverted logic made PermitRootLogin "prohibit-password" unsafe. Use "no" (which is the installer default), or apply the following patch.
! A source code patch exists which remedies this problem.

--- 93,99 ---- Inverted logic made PermitRootLogin "prohibit-password" unsafe. Use "no" (which is the installer default), or apply the following patch.
! A source code patch exists which remedies this problem.

*************** *** 103,109 **** LibreSSL 2.2.2 incorrectly handles ClientHello messages that do not include TLS extensions, resulting in such handshakes being aborted.
! A source code patch exists which remedies this problem.

--- 103,109 ---- LibreSSL 2.2.2 incorrectly handles ClientHello messages that do not include TLS extensions, resulting in such handshakes being aborted.
! A source code patch exists which remedies this problem.

*************** *** 112,118 **** All architectures
An incorrect operation in uvm could result in system panics.
! A source code patch exists which remedies this problem.

--- 112,118 ---- All architectures
An incorrect operation in uvm could result in system panics.
! A source code patch exists which remedies this problem.

*************** *** 131,137 ****

hardlink and symlink attacks allowed a local user to unset chflags or leak the first line of an arbitrary file. ! A source code patch exists which remedies this problem.

--- 131,137 ----

hardlink and symlink attacks allowed a local user to unset chflags or leak the first line of an arbitrary file. ! A source code patch exists which remedies this problem.

*************** *** 140,146 **** All architectures
A problem with timer kevents could result in a kernel hang (local denial of service).
! A source code patch exists which remedies this problem.

--- 140,146 ---- All architectures
A problem with timer kevents could result in a kernel hang (local denial of service).
! A source code patch exists which remedies this problem.

*************** *** 151,157 **** and does not match the 5.8 release builds.
! A replacement file is available in the 5.8 release directory with the name cd-src.tar.gz; due to size of the file, check local mirrors also.

--- 151,157 ---- and does not match the 5.8 release builds.
! A replacement file is available in the 5.8 release directory with the name cd-src.tar.gz; due to size of the file, check local mirrors also.

*************** *** 160,166 **** All architectures
The OBJ_obj2txt function in libcrypto contains a one byte buffer overrun and memory leak, as reported by Qualys Security.
! A source code patch exists which remedies this problem.

--- 160,166 ---- All architectures
The OBJ_obj2txt function in libcrypto contains a one byte buffer overrun and memory leak, as reported by Qualys Security.
! A source code patch exists which remedies this problem.

*************** *** 169,175 **** All architectures
Insufficient validation of RSN element group cipher values in 802.11 beacons and probe responses could result in system panics.
! A source code patch exists which remedies this problem.

--- 169,175 ---- All architectures
Insufficient validation of RSN element group cipher values in 802.11 beacons and probe responses could result in system panics.
! A source code patch exists which remedies this problem.

*************** *** 178,184 **** All architectures
A NULL pointer deference could be triggered by a crafted certificate sent to services configured to verify client certificates on TLS/SSL connections.
! A source code patch exists which remedies this problem.

--- 178,184 ---- All architectures
A NULL pointer deference could be triggered by a crafted certificate sent to services configured to verify client certificates on TLS/SSL connections.
! A source code patch exists which remedies this problem.

*************** *** 191,210 **** Prevent this problem immediately by adding the line "UseRoaming no" to /etc/ssh/ssh_config.
! A source code patch exists which remedies this problem.

011: SECURITY FIX: March 10, 2016 All architectures
! Lack of credential sanitization allows injection of commands to xauth(1).
Prevent this problem immediately by not using the "X11Forwarding" feature (which is disabled by default)
! A source code patch exists which remedies this problem.

--- 191,210 ---- Prevent this problem immediately by adding the line "UseRoaming no" to /etc/ssh/ssh_config.
! A source code patch exists which remedies this problem.

*************** *** 215,221 **** processing allow a local user to send UDP packets with a source (IPv6 address + port) already reserved by another user.
! A source code patch exists which remedies this problem.

--- 215,221 ---- processing allow a local user to send UDP packets with a source (IPv6 address + port) already reserved by another user.
! A source code patch exists which remedies this problem.

*************** *** 232,238 ****

ASN.1 BIO excessive memory allocation (CVE-2016-2109)
! A source code patch exists which remedies this problem.

--- 232,238 ----

ASN.1 BIO excessive memory allocation (CVE-2016-2109)
! A source code patch exists which remedies this problem.

*************** *** 242,248 **** Insufficient checks in the uvideo(4) V4L2 ioctl handling leak kernel memory contents to a local user.
! A source code patch exists which remedies this problem.

--- 242,248 ---- Insufficient checks in the uvideo(4) V4L2 ioctl handling leak kernel memory contents to a local user.
! A source code patch exists which remedies this problem.

*************** *** 251,257 **** All architectures
Fix a bug in the libcrypto library when parsing certain ASN.1 elements.
! A source code patch exists which remedies this problem.

--- 251,257 ---- All architectures
Fix a bug in the libcrypto library when parsing certain ASN.1 elements.
! A source code patch exists which remedies this problem.

*************** *** 260,266 **** All architectures
Fix issues in the libexpat library to prevent multiple integer and buffer overflows.
! A source code patch exists which remedies this problem.

--- 260,266 ---- All architectures
Fix issues in the libexpat library to prevent multiple integer and buffer overflows.
! A source code patch exists which remedies this problem.

*************** *** 270,276 **** Correct a problem that prevents the DSA signing algorithm from running in constant time even if the flag BN_FLG_CONSTTIME is set.
! A source code patch exists which remedies this problem.

--- 270,276 ---- Correct a problem that prevents the DSA signing algorithm from running in constant time even if the flag BN_FLG_CONSTTIME is set.
! A source code patch exists which remedies this problem.

*************** *** 279,285 **** All architectures
Splicing sockets in a loop could cause a kernel spin.
! A source code patch exists which remedies this problem.

--- 279,285 ---- All architectures
Splicing sockets in a loop could cause a kernel spin.
! A source code patch exists which remedies this problem.

*************** *** 288,294 **** All architectures
ufs_readdir failed to limit size of memory allocation, leading to panics.
! A source code patch exists which remedies this problem.

--- 288,294 ---- All architectures
ufs_readdir failed to limit size of memory allocation, leading to panics.
! A source code patch exists which remedies this problem.

*************** *** 298,304 **** The mmap extension __MAP_NOFAULT could overcommit resources and crash the system.
! A source code patch exists which remedies this problem.

--- 298,304 ---- The mmap extension __MAP_NOFAULT could overcommit resources and crash the system.
! A source code patch exists which remedies this problem.

*************** *** 307,313 **** All architectures
Tick counting overflows could cause a kernel crash.
! A source code patch exists which remedies this problem.

--- 307,313 ---- All architectures
Tick counting overflows could cause a kernel crash.
! A source code patch exists which remedies this problem.

*************** *** 316,322 **** All architectures
Invalid file descriptor use with kevent(2) could lead to a kernel crash.
! A source code patch exists which remedies this problem.

--- 316,322 ---- All architectures
Invalid file descriptor use with kevent(2) could lead to a kernel crash.
! A source code patch exists which remedies this problem.

*************** *** 327,333 **** could cause malloc(9) to either not allocate enough memory, leading to memory corruption, or to trigger a "malloc: allocation too large" panic.
! A source code patch exists which remedies this problem.

--- 327,333 ---- could cause malloc(9) to either not allocate enough memory, leading to memory corruption, or to trigger a "malloc: allocation too large" panic.
! A source code patch exists which remedies this problem.

*************** *** 337,343 **** When signaling an error to an HTTP relay client, the connection can be terminated prematurely, leading to a crash.
! A source code patch exists which remedies this problem.

--- 337,343 ---- When signaling an error to an HTTP relay client, the connection can be terminated prematurely, leading to a crash.
! A source code patch exists which remedies this problem.

*************** *** 348,354 ****
A missing NULL check in sysctl code results in a crash.
! A source code patch exists which remedies this problem.

--- 348,354 ----
A missing NULL check in sysctl code results in a crash.
! A source code patch exists which remedies this problem.

*************** *** 359,365 ****
Missing overflow checks in uvm may result in panics.
! A source code patch exists which remedies this problem.

--- 359,365 ----
Missing overflow checks in uvm may result in panics.
! A source code patch exists which remedies this problem.

*************** *** 372,378 **** See the perl5-porters announcement for details.
! A source code patch exists which remedies this problem.

--- 372,378 ---- See the perl5-porters announcement for details.
! A source code patch exists which remedies this problem.

*************** *** 384,390 **** Improve relayd's parsing of the Host-header by following RFC 7230 Section 5.4 more strictly.
! A source code patch exists which remedies this problem.

--- 384,390 ---- Improve relayd's parsing of the Host-header by following RFC 7230 Section 5.4 more strictly.
! A source code patch exists which remedies this problem.