Return to errata.html CVS log | Up to [local] / www |
version 1.469, 2004/01/14 01:34:50 | version 1.470, 2004/01/14 10:56:45 | ||
---|---|---|---|
|
|
||
<a name="all"></a> | <a name="all"></a> | ||
<h3><font color="#e00000">All architectures</font></h3> | <h3><font color="#e00000">All architectures</font></h3> | ||
<ul> | <ul> | ||
<li> | |||
<a name="isakmpd"></a> | <a name="isakmpd"></a> | ||
<font color="#009000"><strong>009: SECURITY FIX: January 13, 2004</strong></font><br> | <li><font color="#009000"><strong>009: SECURITY FIX: January 13, 2004</strong></font><br> | ||
Several message handling flaws in | Several message handling flaws in | ||
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=isakmpd&apropos=0&sektion=8&manpath=OpenBSD+Current&arch=i386&format=html">isakmpd(8)</a> | <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=isakmpd&apropos=0&sektion=8&manpath=OpenBSD+Current&arch=i386&format=html">isakmpd(8)</a> | ||
have been reported by Thomas Walpuski. These allow an attacker to delete arbitrary SAs. The patch also | have been reported by Thomas Walpuski. These allow an attacker to delete arbitrary SAs. The patch also | ||
|
|
||
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/009_isakmpd.patch"> | <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/009_isakmpd.patch"> | ||
A source code patch exists which remedies these problems</a>.<br> | A source code patch exists which remedies these problems</a>.<br> | ||
<p> | <p> | ||
<a name="sem"></a> | <a name="sem"></a> | ||
<font color="#009000"><strong>008: RELIABILITY FIX: November 20, 2003</strong></font><br> | <li><font color="#009000"><strong>008: RELIABILITY FIX: November 20, 2003</strong></font><br> | ||
An improper bounds check makes it possible for a local user to cause a crash | An improper bounds check makes it possible for a local user to cause a crash | ||
by passing the | by passing the | ||
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=semctl&apropos=0&sektion=2&manpath=OpenBSD+Current&arch=i386&format=html">semctl(2)</a> and | <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=semctl&apropos=0&sektion=2&manpath=OpenBSD+Current&arch=i386&format=html">semctl(2)</a> and |