=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/security.html,v retrieving revision 1.412 retrieving revision 1.413 diff -u -r1.412 -r1.413 --- www/security.html 2014/05/01 15:15:22 1.412 +++ www/security.html 2014/05/13 20:12:43 1.413 @@ -718,7 +718,7 @@

OpenBSD 3.8 Security Advisories

-These are the OpenBSD 3.8 advisories -- all these problems are solved +These are the OpenBSD 3.8 advisories -- all these problems are solved in OpenBSD current and the patch branch. @@ -784,7 +784,7 @@

OpenBSD 3.7 Security Advisories

-These are the OpenBSD 3.7 advisories -- all these problems are solved +These are the OpenBSD 3.7 advisories -- all these problems are solved in OpenBSD current. The patch branch for 3.7 is no longer being maintained, you should update your machine. @@ -823,7 +823,7 @@

OpenBSD 3.6 Security Advisories

-These are the OpenBSD 3.6 advisories -- all these problems are solved +These are the OpenBSD 3.6 advisories -- all these problems are solved in OpenBSD current. The patch branch for 3.6 is no longer being maintained, you should update your machine. @@ -865,7 +865,7 @@

OpenBSD 3.5 Security Advisories

-These are the OpenBSD 3.5 advisories -- all these problems are solved +These are the OpenBSD 3.5 advisories -- all these problems are solved in OpenBSD current. The patch branch for 3.5 is no longer being maintained, you should update your machine. @@ -916,7 +916,7 @@ to the possibility of principal impersonation from other Kerberos realms if they are trusted with a cross-realm trust.
  • May 26, 2004: - xdm(1) ignores the requestPort resource and creates a + xdm(1) ignores the requestPort resource and creates a listening socket regardless of the setting in xdm-config.
  • May 20, 2004: A buffer overflow in the cvs(1) server has been found, @@ -936,7 +936,7 @@

    OpenBSD 3.4 Security Advisories

    -These are the OpenBSD 3.4 advisories -- all these problems are solved +These are the OpenBSD 3.4 advisories -- all these problems are solved in OpenBSD current. The patch branch for 3.4 is no longer being maintained, you should update your machine. @@ -1009,7 +1009,7 @@

    OpenBSD 3.3 Security Advisories

    -These are the OpenBSD 3.3 advisories -- all these problems are solved +These are the OpenBSD 3.3 advisories -- all these problems are solved in OpenBSD current. The patch branch for 3.3 is no longer being maintained, you should update your machine. @@ -1040,15 +1040,15 @@ Several message handling flaws in isakmpd(8) have been reported by Thomas Walpuski.
  • November 17, 2003: - It may be possible for a local user to execute arbitrary code - resulting in escalation of privileges due to a stack overrun + It may be possible for a local user to execute arbitrary code + resulting in escalation of privileges due to a stack overrun in compat_ibcs2(8).
  • October 1, 2003: The use of certain ASN.1 encodings or malformed public keys may allow an attacker to mount a denial of service attack against applications linked with ssl(3).
  • September 24, 2003: - Access of freed memory in pf(4) could be used to + Access of freed memory in pf(4) could be used to remotely panic a machine using scrub rules.
  • September 17, 2003: A buffer overflow in the address parsing in @@ -1073,7 +1073,7 @@

    OpenBSD 3.2 Security Advisories

    -These are the OpenBSD 3.2 advisories -- all these problems are solved +These are the OpenBSD 3.2 advisories -- all these problems are solved in OpenBSD current. The patch branch for 3.2 is no longer being maintained, you should update your machine. @@ -1084,7 +1084,7 @@ allow an attacker to mount a denial of service attack against applications linked with ssl(3). This does not affect OpenSSH.
  • September 24, 2003: - Access of freed memory in pf(4) could be used to + Access of freed memory in pf(4) could be used to remotely panic a machine using scrub rules.
  • September 17, 2003: A buffer overflow in the address parsing in @@ -1123,7 +1123,7 @@ numbers as part of the file handle.
  • February 22, 2003: In ssl(8) an information leak can occur via timing by performing - a MAC computation even if incorrect block cipher padding has + a MAC computation even if incorrect block cipher padding has been found, this is a countermeasure. Also, check for negative sizes, in allocation routines.
  • January 20, 2003: @@ -1153,8 +1153,8 @@

    OpenBSD 3.1 Security Advisories

    -These are the OpenBSD 3.1 advisories -- all these problems are solved -in OpenBSD current. The +These are the OpenBSD 3.1 advisories -- all these problems are solved +in OpenBSD current. The patch branch for 3.1 is no longer being maintained, you should update your machine. @@ -1180,7 +1180,7 @@ sendmail(8) may allow an attacker to gain root privileges.
  • February 23, 2003: In ssl(8) an information leak can occur via timing by performing - a MAC computation even if incorrect block cipher padding has + a MAC computation even if incorrect block cipher padding has been found, this is a countermeasure. Also, check for negative sizes, in allocation routines.
  • January 20, 2003: @@ -1258,7 +1258,7 @@

    OpenBSD 3.0 Security Advisories

    -These are the OpenBSD 3.0 advisories -- all these problems are solved +These are the OpenBSD 3.0 advisories -- all these problems are solved in OpenBSD current. The patch branch for 3.0 is no longer being maintained, you should update your machine. @@ -1368,8 +1368,8 @@

    OpenBSD 2.9 Security Advisories

    -These are the OpenBSD 2.9 advisories -- all these problems are solved -in OpenBSD current. The +These are the OpenBSD 2.9 advisories -- all these problems are solved +in OpenBSD current. The patch branch. for 2.9 is no longer being maintained, you should update your machine. @@ -1447,8 +1447,8 @@

    OpenBSD 2.8 Security Advisories

    -These are the OpenBSD 2.8 advisories -- all these problems are solved -in OpenBSD current. The +These are the OpenBSD 2.8 advisories -- all these problems are solved +in OpenBSD current. The patch branch. for 2.8 is no longer being maintained, you should update your machine. @@ -1507,7 +1507,7 @@

    OpenBSD 2.7 Security Advisories

    -These are the OpenBSD 2.7 advisories -- all these problems are solved +These are the OpenBSD 2.7 advisories -- all these problems are solved in OpenBSD current. Obviously, all the OpenBSD 2.6 advisories listed below are fixed in OpenBSD 2.7. @@ -1526,7 +1526,7 @@ X11 libraries have 2 potential overflows in xtrans code. (patch included)
  • Oct 18, 2000: - Apache mod_rewrite and mod_vhost_alias modules could expose files + Apache mod_rewrite and mod_vhost_alias modules could expose files on the server in certain configurations if used. (patch included)
  • Oct 10, 2000: @@ -1590,7 +1590,7 @@
  • May 25, 2000: Improper use of ipf keep-state rules can result in firewall rules being bypassed. (patch included) - +

    @@ -1598,7 +1598,7 @@

    OpenBSD 2.6 Security Advisories

    -These are the OpenBSD 2.6 advisories -- all these problems are solved +These are the OpenBSD 2.6 advisories -- all these problems are solved in OpenBSD current. Obviously, all the OpenBSD 2.5 advisories listed below are fixed in OpenBSD 2.6. @@ -1610,14 +1610,14 @@
  • May 25, 2000: Improper use of ipf keep-state rules can result in firewall rules being bypassed. (patch included) -
  • May 25, 2000: +
  • May 25, 2000: xlockmore has a bug which a localhost attacker can use to gain access to the encrypted root password hash (which is normally encoded using blowfish (see crypt(3)) (patch included). -
  • Jan 20, 2000: +
  • Jan 20, 2000: Systems running with procfs enabled and mounted are vulnerable to a very tricky exploit. procfs is not mounted by default. @@ -1636,7 +1636,7 @@ (patch included).
    Update: Turns out that this was not exploitable in any of the software included in OpenBSD 2.6. -
  • Nov 9, 1999: +
  • Nov 9, 1999: Any user could change interface media configurations, resulting in a localhost denial of service attack. (patch included). @@ -1647,13 +1647,13 @@

    OpenBSD 2.5 Security Advisories

    -These are the OpenBSD 2.5 advisories -- all these problems are solved +These are the OpenBSD 2.5 advisories -- all these problems are solved in OpenBSD current. Obviously, all the OpenBSD 2.4 advisories listed below are fixed in OpenBSD 2.5.
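Review bot: In the hunk at -1590,7 the removed and added lines are both empty as shown, and in every other hunk the `-` and `+` lines carry the same words (for example "These are the OpenBSD 3.8 advisories -- all these problems are solved" on both sides), so the change looks like whitespace cleanup only. Please state that in the log message for 1.413, so that anyone auditing the history of the advisory page can confirm that no advisory wording, date or link was altered by this revision.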
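Review bot: The context line after the rewritten pair in the hunks at -1368,8 and -1447,8 still has a stray period: "patch branch. for 2.9 is no longer being maintained" and "patch branch. for 2.8 is no longer being maintained". The 3.1 hunk at -1153,8 has the same sentence without it ("patch branch for 3.1 is no longer being maintained"). Since these two paragraphs are already being touched, drop the period after "patch branch" in both.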
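Review bot: The ssl entry touched in the hunks at -1123,7 and -1180,7 is inconsistent between the two release sections and is worth fixing while the line is being edited. The 3.2 section dates it "February 22, 2003" and the 3.1 section "February 23, 2003" for identical text, and both say "ssl(8)" while the entries visible in the -1040,15 and -1084,7 hunks say "ssl(3)". The sentence also reads as if performing the MAC computation causes the timing leak, whereas "this is a countermeasure" suggests it is the fix; consider splitting it into one sentence for the problem and one for the countermeasure.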
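Review bot: The xlockmore entry in the hunk at -1610,14 has an unbalanced parenthesis in its unchanged context: "(which is normally encoded using blowfish (see crypt(3)) (patch included)." opens two parentheses before "(patch included)" and closes only one. The surrounding list item markers are already being rewritten in this hunk, so add the missing ")" after "crypt(3))" in the same commit.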