===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata.html,v
retrieving revision 1.426
retrieving revision 1.427
diff -u -r1.426 -r1.427
--- www/errata.html 2003/02/22 22:50:04 1.426
+++ www/errata.html 2003/02/22 23:16:53 1.427
@@ -55,7 +55,8 @@
- 007: SECURITY FIX: February 22, 2003
-An information leak can occur via timing by performing a MAC computation
+In
+ssl(8) an information leak can occur via timing by performing a MAC computation
even if incorrrect block cipher padding has been found. This fix is a
countermeasure against active attacks where the attacker has to distinguish
between bad padding and a MAC verification error. (CAN-2003-0078).
@@ -206,7 +207,7 @@
www@openbsd.org
-
$OpenBSD: errata.html,v 1.426 2003/02/22 22:50:04 margarida Exp $
+
$OpenBSD: errata.html,v 1.427 2003/02/22 23:16:53 margarida Exp $