Return to 73.html CVS log | Up to [local] / www |
version 1.32, 2023/04/04 18:06:30 | version 1.33, 2023/04/04 23:37:32 | ||
---|---|---|---|
|
|
||
<li>Add another mitigation against classic BROP on systems without | <li>Add another mitigation against classic BROP on systems without | ||
execute-only mmu hardware-enforcement. A range-checking wrapper in | execute-only mmu hardware-enforcement. A range-checking wrapper in | ||
front of <a href="https://man.openbsd.org/copyin.9">copyin(9)</a> and | front of <a href="https://man.openbsd.org/copyin.9">copyin(9)</a> and | ||
href="https://man.openbsd.org/copyinstr.9">copyinstr(9)</a> ensures | <a href="https://man.openbsd.org/copyinstr.9">copyinstr(9)</a> ensures | ||
the userland source address doesn't overlap the main program text and | the userland source address doesn't overlap the main program text and | ||
other text segments, thereby making this address ranges unreadable to | other text segments, thereby making this address ranges unreadable to | ||
the kernel. No programs have been discovered which require reading | the kernel. No programs have been discovered which require reading | ||
|
|
||
<li>Prevented possible kernel crashes by dropping TCP packets with | <li>Prevented possible kernel crashes by dropping TCP packets with | ||
destination port 0 in <a href="https://man.openbsd.org/pf.4">pf(4)</a> | destination port 0 in <a href="https://man.openbsd.org/pf.4">pf(4)</a> | ||
and the stack. | and the stack. | ||
<li>Fixed a endian swap bug causing problems with <a | <li>Fixed an endian swap bug causing problems with <a | ||
href="https://man.openbsd.org/vlan.4">vlan(4)</a> on <a | href="https://man.openbsd.org/vlan.4">vlan(4)</a> on <a | ||
href="https://man.openbsd.org/em.4">em(4)</a> sparc64 systems. | href="https://man.openbsd.org/em.4">em(4)</a> sparc64 systems. | ||
<li>Denied "pipex no" tunnel setting for <a | <li>Denied "pipex no" tunnel setting for <a |