version 1.409, 2002/07/17 19:26:10 |
version 1.410, 2002/07/30 13:42:53 |
|
|
<a name=all></a> |
<a name=all></a> |
<li><h3><font color=#e00000>All architectures</font></h3> |
<li><h3><font color=#e00000>All architectures</font></h3> |
<ul> |
<ul> |
|
<a name=ssl></a> |
|
<li><font color=#009000><strong>013: SECURITY FIX: July 30, 2002</strong></font><br> |
|
Several remote buffer overflows can occur in the SSL2 server and SSL3 client of the <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssl&sektion=8">ssl(8)</a> library, as in the ASN.1 parser code in the <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=crypto&sektion=3">crypto(3)</a> library, all of them being potentially remotely exploitable. |
|
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.1/common/013_ssl.patch">A source code patch exists which remedies the problem</a>. |
|
<a name=xdr></a> |
|
<li><font color=#009000><strong>012: SECURITY FIX: July 29, 2002</strong></font><br> |
|
A buffer overflow can occur in the <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=xdr_array&sektion=3">xdr_array(3)</a> RPC code, leading to possible remote crash.<br> |
|
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.1/common/012_xdr.patch">A source code patch exists which remedies the problem</a>. |
|
<a name=pppd></a> |
|
<li><font color=#009000><strong>011: SECURITY FIX: July 29, 2002</strong></font><br> |
|
A race condition exists in the <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pppd&sektion=8">pppd(8)</a> daemon which may cause it to alter the file permissions of an arbitrary file.<br> |
|
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.1/common/011_pppd.patch">A source code patch exists which remedies the problem</a>. |
<a name=isakmpd></a> |
<a name=isakmpd></a> |
<li><font color=#009000><strong>010: RELIABILITY FIX: July 5, 2002</strong></font><br> |
<li><font color=#009000><strong>010: RELIABILITY FIX: July 5, 2002</strong></font><br> |
Receiving IKE payloads out of sequence can cause |
Receiving IKE payloads out of sequence can cause |