===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata60.html,v
retrieving revision 1.35
retrieving revision 1.36
diff -u -r1.35 -r1.36
--- www/errata60.html 2017/06/26 17:18:57 1.35
+++ www/errata60.html 2017/08/03 16:48:08 1.36
@@ -408,6 +408,131 @@
A source code patch exists which remedies this problem.
+
+
+029: RELIABILITY FIX: August 3, 2017
+ All architectures
+
+A SIGIO-related use-after-free can occur in two drivers.
+
+
+A source code patch exists which remedies this problem.
+
+
+
+
+030: RELIABILITY FIX: August 3, 2017
+ All architectures
+
+A missing length check in sendsyslog() may result in a kernel panic.
+
+
+A source code patch exists which remedies this problem.
+
+
+
+
+031: SECURITY FIX: August 3, 2017
+ All architectures
+
+An out-of-bound read in vfs_getcwd_scandir() (mainly used for FUSE)
+may result in a kernel panic or info leak.
+
+
+A source code patch exists which remedies this problem.
+
+
+
+
+032: SECURITY FIX: August 3, 2017
+ All architectures
+
+An alignment issue in recv() may result in an info leak via ktrace().
+
+
+A source code patch exists which remedies this problem.
+
+
+
+
+033: SECURITY FIX: August 3, 2017
+ All architectures
+
+With an invalid address family, tcp_usrreq() may take an unintended code path.
+
+
+A source code patch exists which remedies this problem.
+
+
+
+
+034: SECURITY FIX: August 3, 2017
+ All architectures
+
+Missing socket address validation from userland may result in an info leak.
+
+
+A source code patch exists which remedies this problem.
+
+
+
+
+035: SECURITY FIX: August 3, 2017
+ All architectures
+
+An uninitialized variable in ptrace() may result in an info leak.
+
+
+A source code patch exists which remedies this problem.
+
+
+
+
+036: SECURITY FIX: August 3, 2017
+ All architectures
+
+An uninitialized variable in fcntl() may result in an info leak.
+
+
+A source code patch exists which remedies this problem.
+
+
+
+
+037: RELIABILITY FIX: August 3, 2017
+ All architectures
+
+An integer overflow in wsdisplay_cfg_ioctl() may result in an out-of-bounds
+read.
+
+
+A source code patch exists which remedies this problem.
+
+
+
+
+038: SECURITY FIX: August 3, 2017
+ All architectures
+
+A race condition may result in a kernel memory leak.
+
+
+A source code patch exists which remedies this problem.
+
+
+
+
+039: SECURITY FIX: August 3, 2017
+ All architectures
+
+An out of bounds read could occur during processing of EAPOL frames in
+the wireless stack. Information from kernel memory could be leaked to
+root in userland via an ieee80211(9) ioctl.
+
+
+A source code patch exists which remedies this problem.
+
+