Return to errata.html CVS log | Up to [local] / www |
version 1.453, 2003/10/03 22:40:47 | version 1.454, 2003/10/04 16:37:51 | ||
---|---|---|---|
|
|
||
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssl&sektion=3">ssl(3)</a>. | <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssl&sektion=3">ssl(3)</a>. | ||
This does not affect OpenSSH. | This does not affect OpenSSH. | ||
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.3/common/007_asn1.patch">A source code patch exists which remedies the problem</a>.<br> | <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.3/common/007_asn1.patch">A source code patch exists which remedies the problem</a>.<br> | ||
<a name=pfnorm></a> | |||
<li><font color="#009000"><strong>006: SECURITY FIX: October 1, 2003</strong></font><br> | |||
Three cases of potential access to freed memory have been found in | |||
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssl&sektion=4">pf</a>. | |||
At least one of them could be used to panic pf with active scrub rules remotely. | |||
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.3/common/006_pfnorm.patch">A source code patch exists which remedies the problem</a>.<br> | |||
<a name=sendmail></a> | <a name=sendmail></a> | ||
<li><font color="#009000"><strong>005: SECURITY FIX: September 17, 2003</strong></font><br> | <li><font color="#009000"><strong>005: SECURITY FIX: September 17, 2003</strong></font><br> | ||
A buffer overflow in the address parsing in | A buffer overflow in the address parsing in |