===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata61.html,v
retrieving revision 1.17
retrieving revision 1.18
diff -u -r1.17 -r1.18
--- www/errata61.html 2017/07/05 15:56:53 1.17
+++ www/errata61.html 2017/08/03 16:48:08 1.18
@@ -253,6 +253,131 @@
A source code patch exists which remedies this problem.
+
+
+015: RELIABILITY FIX: August 3, 2017
+ All architectures
+
+A SIGIO-related use-after-free can occur in two drivers.
+
+
+A source code patch exists which remedies this problem.
+
+
+
+
+016: RELIABILITY FIX: August 3, 2017
+ All architectures
+
+A missing length check in sendsyslog() may result in a kernel panic.
+
+
+A source code patch exists which remedies this problem.
+
+
+
+
+017: SECURITY FIX: August 3, 2017
+ All architectures
+
+An out-of-bound read in vfs_getcwd_scandir() (mainly used for FUSE)
+may result in a kernel panic or info leak.
+
+
+A source code patch exists which remedies this problem.
+
+
+
+
+018: SECURITY FIX: August 3, 2017
+ All architectures
+
+An alignment issue in recv() may result in an info leak via ktrace().
+
+
+A source code patch exists which remedies this problem.
+
+
+
+
+019: SECURITY FIX: August 3, 2017
+ All architectures
+
+With an invalid address family, tcp_usrreq() may take an unintended code path.
+
+
+A source code patch exists which remedies this problem.
+
+
+
+
+020: SECURITY FIX: August 3, 2017
+ All architectures
+
+Missing socket address validation from userland may result in an info leak.
+
+
+A source code patch exists which remedies this problem.
+
+
+
+
+021: SECURITY FIX: August 3, 2017
+ All architectures
+
+An uninitialized variable in ptrace() may result in an info leak.
+
+
+A source code patch exists which remedies this problem.
+
+
+
+
+022: SECURITY FIX: August 3, 2017
+ All architectures
+
+An uninitialized variable in fcntl() may result in an info leak.
+
+
+A source code patch exists which remedies this problem.
+
+
+
+
+023: RELIABILITY FIX: August 3, 2017
+ All architectures
+
+An integer overflow in wsdisplay_cfg_ioctl() may result in an out-of-bounds
+read.
+
+
+A source code patch exists which remedies this problem.
+
+
+
+
+024: SECURITY FIX: August 3, 2017
+ All architectures
+
+A race condition in sosplice() may result in a kernel memory leak.
+
+
+A source code patch exists which remedies this problem.
+
+
+
+
+025: SECURITY FIX: August 3, 2017
+ All architectures
+
+An out of bounds read could occur during processing of EAPOL frames in
+the wireless stack. Information from kernel memory could be leaked to
+root in userland via an ieee80211(9) ioctl.
+
+
+A source code patch exists which remedies this problem.
+
+