Return to errata33.html CVS log | Up to [local] / www |
version 1.9, 2004/01/16 00:53:26 | version 1.10, 2004/01/16 00:57:58 | ||
---|---|---|---|
|
|
||
<li><font color="#009000"><strong>014: SECURITY FIX: January 15, 2004</strong></font><br> | <li><font color="#009000"><strong>014: SECURITY FIX: January 15, 2004</strong></font><br> | ||
Several message handling flaws in | Several message handling flaws in | ||
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=isakmpd&apropos=0&sektion=8&manpath=OpenBSD+Current&arch=i386&format=html">isakmpd(8)</a> | <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=isakmpd&apropos=0&sektion=8&manpath=OpenBSD+Current&arch=i386&format=html">isakmpd(8)</a> | ||
have been reported by Thomas Walpuski. These allow an attacker to delete arbitrary SAs. The patch also | have been reported by Thomas Walpuski. These allow an attacker to delete arbitrary SAs. | ||
includes a reliability fix for a filedescriptor leak that causes problems when a crypto card is | |||
installed. | |||
<br> | <br> | ||
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.3/common/014_isakmpd.patch"> | <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.3/common/014_isakmpd.patch"> | ||
A source code patch exists which remedies these problems</a>.<br> | A source code patch exists which remedies these problems</a>.<br> |