version 1.10, 2009/01/30 22:25:56 |
version 1.11, 2009/01/30 23:18:03 |
|
|
|
|
<ul> |
<ul> |
|
|
|
<li><a name="009_bgpd"></a> |
|
<font color="#009000"><strong>009: RELIABILITY FIX: January 30, 2009</strong></font> <i>All architectures</i><br> |
|
Upon reception of an invalid update with 4-byte AS attributes, bgpd - |
|
adhering to the RFCs - closed the session to the neighbor. |
|
This error in the specification allowed 3rd parties to close remote BGP |
|
sessions. |
|
In the worst case Internet connectivity could be lost. |
|
<br> |
|
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.4/common/009_bgpd.patch"> |
|
A source code patch exists which remedies this problem</a>.<br> |
|
<p> |
|
|
<li><a name="008_bind"></a> |
<li><a name="008_bind"></a> |
<font color="#009000"><strong>008: SECURITY FIX: January 14, 2009</strong></font> <i>All architectures</i><br> |
<font color="#009000"><strong>008: SECURITY FIX: January 14, 2009</strong></font> <i>All architectures</i><br> |
named(8) did not correctly check the return value of a DSA verification |
named(8) did not correctly check the return value of a DSA verification |