===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata58.html,v
retrieving revision 1.36
retrieving revision 1.37
diff -u -r1.36 -r1.37
--- www/errata58.html 2017/03/28 04:04:52 1.36
+++ www/errata58.html 2017/03/28 06:41:18 1.37
@@ -71,7 +71,7 @@
Patches for the OpenBSD base system are distributed as unified diffs.
Each patch is cryptographically signed with the
-signify(1) tool and contains
+signify(1) tool and contains
usage instructions.
All the following patches are also available in one
tar.gz file
@@ -85,7 +85,7 @@
--
+
-
001: SECURITY FIX: August 30, 2015
All architectures
Inverted logic made PermitRootLogin "prohibit-password" unsafe.
@@ -95,7 +95,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
002: INTEROPERABILITY FIX: August 30, 2015
All architectures
LibreSSL 2.2.2 incorrectly handles ClientHello messages that do not
@@ -105,7 +105,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
003: RELIABILITY FIX: September 28, 2015
All architectures
An incorrect operation in uvm could result in system panics.
@@ -114,7 +114,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
004: SECURITY FIX: October 1, 2015
All architectures
Fix multiple reliability and security issues in smtpd:
@@ -133,7 +133,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
005: RELIABILITY FIX: October 14, 2015
All architectures
A problem with timer kevents could result in a kernel hang (local denial
@@ -142,7 +142,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
006: RELEASE CD ISSUE: Oct 18, 2015
All architectures
The "src.tar.gz" file on the source tree was created on the wrong day,
@@ -153,7 +153,7 @@
A replacement file is available in the 5.8 release directory with the name cd-src.tar.gz; due to size of the file, check local mirrors also.
-
-
+
-
007: RELIABILITY FIX: October 15, 2015
All architectures
The OBJ_obj2txt function in libcrypto contains a one byte buffer overrun
@@ -162,7 +162,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
008: RELIABILITY FIX: November 9, 2015
All architectures
Insufficient validation of RSN element group cipher values in 802.11
@@ -171,7 +171,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
009: RELIABILITY FIX: Dec 3, 2015
All architectures
A NULL pointer dereference could be triggered by a crafted certificate sent to
@@ -180,7 +180,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
010: SECURITY FIX: January 14, 2016
All architectures
Experimental roaming code in the ssh client could be tricked by a hostile sshd
@@ -193,7 +193,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
011: SECURITY FIX: March 10, 2016
All architectures
@@ -206,7 +206,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
012: SECURITY FIX: March 16, 2016
All architectures
Insufficient checks in IPv6 socket binding and UDP IPv6 option
@@ -217,7 +217,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
013: SECURITY FIX: May 3, 2016
All architectures
Fix issues in the libcrypto library.
@@ -234,7 +234,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
014: SECURITY FIX: May 17, 2016
All architectures
Insufficient checks in the uvideo(4) V4L2 ioctl handling leak kernel
@@ -244,7 +244,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
015: RELIABILITY FIX: May 29, 2016
All architectures
Fix a bug in the libcrypto library when parsing certain ASN.1 elements.
@@ -253,7 +253,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
016: SECURITY FIX: June 2, 2016
All architectures
Fix issues in the libexpat library to prevent multiple integer and buffer overflows.
@@ -262,7 +262,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
017: SECURITY FIX: June 6, 2016
All architectures
Correct a problem that prevents the DSA signing algorithm from running
@@ -272,7 +272,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
018: RELIABILITY FIX: July 14, 2016
All architectures
Splicing sockets in a loop could cause a kernel spin.
@@ -281,7 +281,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
019: RELIABILITY FIX: July 14, 2016
All architectures
ufs_readdir failed to limit size of memory allocation, leading to panics.
@@ -290,7 +290,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
020: SECURITY FIX: July 14, 2016
All architectures
The mmap extension __MAP_NOFAULT could overcommit resources and crash
@@ -300,7 +300,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
021: RELIABILITY FIX: July 14, 2016
All architectures
Tick counting overflows could cause a kernel crash.
@@ -309,7 +309,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
022: RELIABILITY FIX: July 14, 2016
All architectures
Invalid file descriptor use with kevent(2) could lead to a kernel crash.
@@ -318,7 +318,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
023: RELIABILITY FIX: July 14, 2016
All architectures
Unchecked parameters and integer overflows in the amap allocation routines
@@ -329,7 +329,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
024: RELIABILITY FIX: July 25, 2016
All architectures
When signaling an error to an HTTP relay client, the connection can be
@@ -339,7 +339,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
025: RELIABILITY FIX: August 2, 2016
All architectures
@@ -350,7 +350,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
026: RELIABILITY FIX: August 2, 2016
All architectures
@@ -361,7 +361,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
027: SECURITY FIX: August 6, 2016
All architectures
@@ -374,7 +374,7 @@
A source code patch exists which remedies this problem.
-
-
+
-
028: RELIABILITY FIX: August 6, 2016
All architectures