===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata59.html,v
retrieving revision 1.28
retrieving revision 1.29
diff -c -r1.28 -r1.29
*** www/errata59.html 2016/10/13 15:27:41 1.28
--- www/errata59.html 2016/10/16 19:11:30 1.29
***************
*** 69,75 ****
--- 69,75 ----
*************** *** 89,101 ****
--- 89,101 ----
***************
*** 106,112 ****
processing allow a local user to send UDP packets with a source
(IPv6 address + port) already reserved by another user.
!
A source code patch exists which remedies this problem.
--- 106,112 ----
processing allow a local user to send UDP packets with a source
(IPv6 address + port) already reserved by another user.
!
A source code patch exists which remedies this problem.
***************
*** 116,122 ****
Incorrect path processing in pledge_namei() could result in unexpected
program termination of pledge(2)'d programs.
!
A source code patch exists which remedies this problem.
--- 116,122 ----
Incorrect path processing in pledge_namei() could result in unexpected
program termination of pledge(2)'d programs.
!
A source code patch exists which remedies this problem.
***************
*** 125,131 ****
All architectures
A problem in m_dup_pkt() can result in kernel crashes with carp(4).
!
A source code patch exists which remedies this problem.
--- 125,131 ----
All architectures
A problem in m_dup_pkt() can result in kernel crashes with carp(4).
!
A source code patch exists which remedies this problem.
*************** *** 141,147 ****
--- 141,147 ----
*************** *** 153,159 ****
--- 153,159 ----
***************
*** 163,169 ****
Insufficient checks in the uvideo(4) V4L2 ioctl handling leak kernel
memory contents to a local user.
!
A source code patch exists which remedies this problem.
--- 163,169 ----
Insufficient checks in the uvideo(4) V4L2 ioctl handling leak kernel
memory contents to a local user.
!
A source code patch exists which remedies this problem.
***************
*** 172,178 ****
All architectures
Fix issue in the bnx(4) ethernet driver that could cause data corruption.
!
A source code patch exists which remedies this problem.
--- 172,178 ----
All architectures
Fix issue in the bnx(4) ethernet driver that could cause data corruption.
!
A source code patch exists which remedies this problem.
***************
*** 181,187 ****
All architectures
Fix a bug in the libcrypto library when parsing certain ASN.1 elements.
!
A source code patch exists which remedies this problem.
--- 181,187 ----
All architectures
Fix a bug in the libcrypto library when parsing certain ASN.1 elements.
!
A source code patch exists which remedies this problem.
***************
*** 191,197 ****
Fix issues in the libexpat library to prevent multiple integer and
buffer overflows.
!
A source code patch exists which remedies this problem.
--- 191,197 ----
Fix issues in the libexpat library to prevent multiple integer and
buffer overflows.
!
A source code patch exists which remedies this problem.
***************
*** 201,207 ****
Correct a problem that prevents the DSA signing algorithm from running
in constant time even if the flag BN_FLG_CONSTTIME is set.
!
A source code patch exists which remedies this problem.
--- 201,207 ----
Correct a problem that prevents the DSA signing algorithm from running
in constant time even if the flag BN_FLG_CONSTTIME is set.
!
A source code patch exists which remedies this problem.
***************
*** 210,216 ****
All architectures
Correct a problem that could result in incorrect parsing/encoding of times in OCSP messages.
!
A source code patch exists which remedies this problem.
--- 210,216 ----
All architectures
Correct a problem that could result in incorrect parsing/encoding of times in OCSP messages.
!
A source code patch exists which remedies this problem.
***************
*** 219,225 ****
All architectures
Splicing sockets in a loop could cause a kernel spin.
!
A source code patch exists which remedies this problem.
--- 219,225 ----
All architectures
Splicing sockets in a loop could cause a kernel spin.
!
A source code patch exists which remedies this problem.
***************
*** 229,235 ****
Multiple processes exiting with a fd-passing control message on a
shared socket could crash the system.
!
A source code patch exists which remedies this problem.
--- 229,235 ----
Multiple processes exiting with a fd-passing control message on a
shared socket could crash the system.
!
A source code patch exists which remedies this problem.
***************
*** 238,244 ****
All architectures
ufs_readdir failed to limit size of memory allocation, leading to panics.
!
A source code patch exists which remedies this problem.
--- 238,244 ----
All architectures
ufs_readdir failed to limit size of memory allocation, leading to panics.
!
A source code patch exists which remedies this problem.
***************
*** 248,254 ****
The mmap extension __MAP_NOFAULT could overcommit resources and crash
the system.
!
A source code patch exists which remedies this problem.
--- 248,254 ----
The mmap extension __MAP_NOFAULT could overcommit resources and crash
the system.
!
A source code patch exists which remedies this problem.
***************
*** 258,264 ****
A race occuring in the unlocked ARP input path can lead to a kernel
NULL dereference.
!
A source code patch exists which remedies this problem.
--- 258,264 ----
A race occuring in the unlocked ARP input path can lead to a kernel
NULL dereference.
!
A source code patch exists which remedies this problem.
***************
*** 267,273 ****
All architectures
Tick counting overflows could cause a kernel crash.
!
A source code patch exists which remedies this problem.
--- 267,273 ----
All architectures
Tick counting overflows could cause a kernel crash.
!
A source code patch exists which remedies this problem.
***************
*** 276,282 ****
All architectures
Invalid file descriptor use with kevent(2) could lead to a kernel crash.
!
A source code patch exists which remedies this problem.
--- 276,282 ----
All architectures
Invalid file descriptor use with kevent(2) could lead to a kernel crash.
!
A source code patch exists which remedies this problem.
***************
*** 287,293 ****
could cause malloc(9) to either not allocate enough memory, leading to memory
corruption, or to trigger a "malloc: allocation too large" panic.
!
A source code patch exists which remedies this problem.
--- 287,293 ----
could cause malloc(9) to either not allocate enough memory, leading to memory
corruption, or to trigger a "malloc: allocation too large" panic.
!
A source code patch exists which remedies this problem.
***************
*** 297,303 ****
When signaling an error to an HTTP relay client, the connection can be
terminated prematurely, leading to a crash.
!
A source code patch exists which remedies this problem.
--- 297,303 ----
When signaling an error to an HTTP relay client, the connection can be
terminated prematurely, leading to a crash.
!
A source code patch exists which remedies this problem.
***************
*** 308,314 ****
A missing NULL check in sysctl code results in a crash.
!
A source code patch exists which remedies this problem.
--- 308,314 ----
A missing NULL check in sysctl code results in a crash.
!
A source code patch exists which remedies this problem.
***************
*** 319,325 ****
Missing overflow checks in uvm may result in panics.
!
A source code patch exists which remedies this problem.
--- 319,325 ----
Missing overflow checks in uvm may result in panics.
!
A source code patch exists which remedies this problem.
***************
*** 332,338 ****
See the
perl5-porters announcement for details.
!
A source code patch exists which remedies this problem.
--- 332,338 ----
See the
perl5-porters announcement for details.
!
A source code patch exists which remedies this problem.
***************
*** 344,350 ****
Improve relayd's parsing of the Host-header by following RFC 7230
Section 5.4 more strictly.
!
A source code patch exists which remedies this problem.
--- 344,350 ----
Improve relayd's parsing of the Host-header by following RFC 7230
Section 5.4 more strictly.
!
A source code patch exists which remedies this problem.
***************
*** 355,361 ****
Limit the number of wscons fonts that can be loaded into the kernel.
!
A source code patch exists which remedies this problem.
--- 355,361 ----
Limit the number of wscons fonts that can be loaded into the kernel.
!
A source code patch exists which remedies this problem.
***************
*** 367,373 ****
Avoid unbounded memory growth in libssl, which can be triggered by a TLS
client repeatedly renegotiating and sending OCSP Status Request TLS extensions.
!
A source code patch exists which remedies this problem.
--- 367,373 ----
Avoid unbounded memory growth in libssl, which can be triggered by a TLS
client repeatedly renegotiating and sending OCSP Status Request TLS extensions.
!
A source code patch exists which remedies this problem.
***************
*** 378,384 ****
Avoid falling back to a weak digest for (EC)DH when using SNI with libssl.
!
A source code patch exists which remedies this problem.
--- 378,384 ----
Avoid falling back to a weak digest for (EC)DH when using SNI with libssl.
!
A source code patch exists which remedies this problem.
***************
*** 390,396 ****
Fix a number of issues in the way various X client libraries handle
server responses.
!
A source code patch exists which remedies this problem.
--- 390,396 ----
Fix a number of issues in the way various X client libraries handle
server responses.
!
A source code patch exists which remedies this problem.