www/security.html - diff

Return to security.html CVS log

Up to [local] / www

Diff for /www/security.html between version 1.58 and 1.59

version 1.58, 1998/05/05 18:44:41

version 1.59, 1998/05/05 19:00:48

Line 115

in <a href=anoncvs.html>OpenBSD current</a>.

<ul>

<li><a href=errata.html#xterm-xaw>Buffer overflow in xterm and Xaw

<li><a href=errata.html#xterm-xaw>May 1, 1998: Buffer overflow in xterm and Xaw

(CERT advisory VB-98.04) (patch included).</a>

<li><a href=errata.html#ipsec>Incorrect handling of IPSEC packets if IPSEC is

<li><a href=errata.html#ipsec>May 5, 1998: Incorrect handling of IPSEC packets

enabled (patch included).</a>

if IPSEC is enabled (patch included).</a>

</ul>

Line 130

OpenBSD 2.2; they may or may not work on OpenBSD 2.1).

<ul>

<li><a href=errata22.html#ipsec>Incorrect handling of IPSEC packets if IPSEC is

<li><a href=errata22.html#f00f>Dec 10, 1997: Intel P5 f00f lockup

enabled (patch included).</a>

(patch included).</a>

<li><a href=errata22.html#xterm-xaw>Buffer overflow in xterm and Xaw

<li><a href=errata22.html#ldso>Feb 9, 1998: MIPS ld.so flaw (patch included).</a>

(CERT advisory VB-98.04) (patch included).</a>

<li><a href=errata22.html#ruserok>Feb 13, 1998: Setuid coredump & Ruserok()

<li><a href=errata22.html#f00f>Intel P5 f00f lockup (patch included).</a>

flaw (patch included).</a>

<li><a href=advisories/sourceroute>Sourcerouted Packet Acceptance.</a>

<li><a href=advisories/sourceroute>Feb 19, 1998: Sourcerouted Packet

Acceptance.</a>

A patch is available <a href=errata22.html#sourceroute>here</a>.

<li><a href=errata22.html#ruserok>Setuid coredump & Ruserok() flaw (patch included).</a>

<li><a href=advisories/mmap>Feb 26, 1998: Read-write mmap() flaw.</a>

<li><a href=advisories/mmap>Read-write mmap() flaw.</a>

Revision 3 of the patch is available <a href=errata22.html#mmap>here</a>

<li><a href=errata22.html#ldso>MIPS ld.so flaw (patch included).</a>

<li><a href=errata22.html#mountd>Mar 2, 1998: Accidental NFS filesystem

<li><a href=errata22.html#mountd>Accidental NFS filesystem export (patch included).</a>

export (patch included).</a>

<li><a href=errata22.html#named>Overflow in named fake-iquery (patch included).</a>

<li><a href=errata22.html#named>Mar 30, 1998: Overflow in named fake-iquery

<li><a href=errata22.html#ping>Overflow in ping -R (patch included).</a>

(patch included).</a>

<li><a href=errata22.html#uucpd>Buffer overflow in uucpd (patch included).</a>

<li><a href=errata22.html#ping>Mar 31, 1998: Overflow in ping -R (patch included).</a>

<li><a href=errata22.html#rmjob>Buffer mismanagement in lprm (patch included).</a>

<li><a href=errata22.html#uucpd>Apr 22, 1998: Buffer overflow in uucpd

(patch included).</a>

<li><a href=errata22.html#rmjob>Apr 22, 1998: Buffer mismanagement in lprm

(patch included).</a>

<li><a href=errata22.html#xterm-xaw>May 1, 1998: Buffer overflow in xterm

and Xaw (CERT advisory VB-98.04) (patch included).</a>

<li><a href=errata22.html#ipsec>May 5, 1998: Incorrect handling of IPSEC

packets if IPSEC is enabled (patch included).</a>

</ul>

Line 161

Line 168

make it hard for us to provide patches).

<ul>

<li><a href=advisories/rfork>Rfork() system call flaw (patch included)</a>

<li><a href=advisories/rfork>Aug 2, 1997: Rfork() system call flaw

<li><a href=advisories/procfs>Procfs flaws (patch included)</a>

(patch included)</a>

<li><a href=advisories/signals>Deviant Signals (patch included)</a>

<li><a href=advisories/procfs>Jun 24, 1997: Procfs flaws (patch included)</a>

<li><a href=advisories/signals>Sep 15, 1997: Deviant Signals (patch included)</a>

</ul>

<p>