| version 1.22, 2002/04/16 18:33:07 |
version 1.23, 2002/04/17 07:21:06 |
|
|
| <p> |
<p> |
| <a name=ipf_frag></a> |
<a name=ipf_frag></a> |
| <li><font color=#009000><strong>027: SECURITY FIX: Apr 23, 2001</strong></font><br> |
<li><font color=#009000><strong>027: SECURITY FIX: Apr 23, 2001</strong></font><br> |
| IPF has a serious problem with fragment cacheing, the bug is triggered if you use the ipf(5) syntax "keep state".<br> |
IPF has a serious problem with fragment caching, the bug is triggered if you use the ipf(5) syntax "keep state".<br> |
| <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.8/common/027_ipf-frag.patch">A source code patch exists which remedies the problem.</a><br> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.8/common/027_ipf-frag.patch">A source code patch exists which remedies the problem.</a><br> |
| <p> |
<p> |
| <a name=glob_limit></a> |
<a name=glob_limit></a> |
|
|
| <p> |
<p> |
| <a name=rijndael> </a> |
<a name=rijndael> </a> |
| <li><font color=#009000><strong>004: RELIABILITY FIX: Nov 17, 2000</strong></font><br> |
<li><font color=#009000><strong>004: RELIABILITY FIX: Nov 17, 2000</strong></font><br> |
| First off, AES (rijndael) encryption and decryption were broken for IPsec |
First off, AES (Rijndael) encryption and decryption were broken for IPsec |
| and swap encryption.<br> |
and swap encryption.<br> |
| Secondly, the AES code did not work properly on big endian machines.<br> |
Secondly, the AES code did not work properly on big endian machines.<br> |
| <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.8/common/004_rijndael.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.8/common/004_rijndael.patch"> |
![[BACK]](/icons/back.gif){kind=icon}
Return to errata28.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www