=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/errata58.html,v retrieving revision 1.32 retrieving revision 1.33 diff -u -r1.32 -r1.33 --- www/errata58.html 2016/08/15 02:22:06 1.32 +++ www/errata58.html 2016/10/16 19:11:30 1.33 @@ -70,7 +70,7 @@
- + You can also fetch a tar.gz file containing all the following patches. This file is updated once a day.

@@ -93,7 +93,7 @@ Inverted logic made PermitRootLogin "prohibit-password" unsafe. Use "no" (which is the installer default), or apply the following patch.
- + A source code patch exists which remedies this problem.

@@ -103,7 +103,7 @@ LibreSSL 2.2.2 incorrectly handles ClientHello messages that do not include TLS extensions, resulting in such handshakes being aborted.
- + A source code patch exists which remedies this problem.

@@ -112,7 +112,7 @@   All architectures
An incorrect operation in uvm could result in system panics.
- + A source code patch exists which remedies this problem.

@@ -131,7 +131,7 @@

  • hardlink and symlink attacks allowed a local user to unset chflags or leak the first line of an arbitrary file. - + A source code patch exists which remedies this problem.

    @@ -140,7 +140,7 @@   All architectures
    A problem with timer kevents could result in a kernel hang (local denial of service).
    - + A source code patch exists which remedies this problem.

    @@ -151,7 +151,7 @@ and does not match the 5.8 release builds.
    - + A replacement file is available in the 5.8 release directory with the name cd-src.tar.gz; due to size of the file, check local mirrors also.

    @@ -160,7 +160,7 @@   All architectures
    The OBJ_obj2txt function in libcrypto contains a one byte buffer overrun and memory leak, as reported by Qualys Security.
    - + A source code patch exists which remedies this problem.

    @@ -169,7 +169,7 @@   All architectures
    Insufficient validation of RSN element group cipher values in 802.11 beacons and probe responses could result in system panics.
    - + A source code patch exists which remedies this problem.

    @@ -178,7 +178,7 @@   All architectures
    A NULL pointer deference could be triggered by a crafted certificate sent to services configured to verify client certificates on TLS/SSL connections.
    - + A source code patch exists which remedies this problem.

    @@ -191,20 +191,20 @@ Prevent this problem immediately by adding the line "UseRoaming no" to /etc/ssh/ssh_config.
    - + A source code patch exists which remedies this problem.

  • 011: SECURITY FIX: March 10, 2016   All architectures
    - + Lack of credential sanitization allows injection of commands to xauth(1).
    Prevent this problem immediately by not using the "X11Forwarding" feature (which is disabled by default)
    - + A source code patch exists which remedies this problem.

    @@ -215,7 +215,7 @@ processing allow a local user to send UDP packets with a source (IPv6 address + port) already reserved by another user.
    - + A source code patch exists which remedies this problem.

    @@ -232,7 +232,7 @@

  • ASN.1 BIO excessive memory allocation (CVE-2016-2109)
    - + A source code patch exists which remedies this problem.

    @@ -242,7 +242,7 @@ Insufficient checks in the uvideo(4) V4L2 ioctl handling leak kernel memory contents to a local user.
    - + A source code patch exists which remedies this problem.

    @@ -251,7 +251,7 @@   All architectures
    Fix a bug in the libcrypto library when parsing certain ASN.1 elements.
    - + A source code patch exists which remedies this problem.

    @@ -260,7 +260,7 @@   All architectures
    Fix issues in the libexpat library to prevent multiple integer and buffer overflows.
    - + A source code patch exists which remedies this problem.

    @@ -270,7 +270,7 @@ Correct a problem that prevents the DSA signing algorithm from running in constant time even if the flag BN_FLG_CONSTTIME is set.
    - + A source code patch exists which remedies this problem.

    @@ -279,7 +279,7 @@   All architectures
    Splicing sockets in a loop could cause a kernel spin.
    - + A source code patch exists which remedies this problem.

    @@ -288,7 +288,7 @@   All architectures
    ufs_readdir failed to limit size of memory allocation, leading to panics.
    - + A source code patch exists which remedies this problem.

    @@ -298,7 +298,7 @@ The mmap extension __MAP_NOFAULT could overcommit resources and crash the system.
    - + A source code patch exists which remedies this problem.

    @@ -307,7 +307,7 @@   All architectures
    Tick counting overflows could cause a kernel crash.
    - + A source code patch exists which remedies this problem.

    @@ -316,7 +316,7 @@   All architectures
    Invalid file descriptor use with kevent(2) could lead to a kernel crash.
    - + A source code patch exists which remedies this problem.

    @@ -327,7 +327,7 @@ could cause malloc(9) to either not allocate enough memory, leading to memory corruption, or to trigger a "malloc: allocation too large" panic.
    - + A source code patch exists which remedies this problem.

    @@ -337,7 +337,7 @@ When signaling an error to an HTTP relay client, the connection can be terminated prematurely, leading to a crash.
    - + A source code patch exists which remedies this problem.

    @@ -348,7 +348,7 @@
    A missing NULL check in sysctl code results in a crash.
    - + A source code patch exists which remedies this problem.

    @@ -359,7 +359,7 @@
    Missing overflow checks in uvm may result in panics.
    - + A source code patch exists which remedies this problem.

    @@ -372,7 +372,7 @@ See the perl5-porters announcement for details.
    - + A source code patch exists which remedies this problem.

    @@ -384,7 +384,7 @@ Improve relayd's parsing of the Host-header by following RFC 7230 Section 5.4 more strictly.
    - + A source code patch exists which remedies this problem.