| version 1.14, 2009/02/22 22:09:38 |
version 1.15, 2009/04/08 02:33:03 |
|
|
| |
|
| <ul> |
<ul> |
| |
|
| |
<li><a name="012_openssl"></a> |
| |
<font color="#009000"><strong>012: RELIABILITY FIX: April 8, 2009</strong></font> <i>All architectures</i><br> |
| |
The OpenSSL ASN.1 handling code could be forced to perform invalid memory |
| |
accesses though the use of certain invalid strings |
| |
(<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0590">CVE-2009-0590</a>) |
| |
or under certain error conditions triggerable by invalid ASN.1 structures |
| |
(<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0789">CVE-2009-0789</a>). |
| |
These vulnerabilities could be exploited to achieve a |
| |
denial-of-service. A more detailed description of these problems is available |
| |
in the |
| |
<a href="http://www.openssl.org/news/secadv_20090325.txt">OpenSSL security advisory</a>, but note that the other issue described there "Incorrect Error |
| |
Checking During CMS verification" relates to code not enabled in OpenBSD. |
| |
<br> |
| |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.4/common/012_openssl.patch"> |
| |
A source code patch exists which remedies this problem</a>.<br> |
| |
<p> |
| |
|
| <li><a name="011_sudo"></a> |
<li><a name="011_sudo"></a> |
| <font color="#009000"><strong>011: SECURITY FIX: February 22, 2009</strong></font> <i>All architectures</i><br> |
<font color="#009000"><strong>011: SECURITY FIX: February 22, 2009</strong></font> <i>All architectures</i><br> |
| sudo(8) may allow a user listed in the sudoers file to run a command |
sudo(8) may allow a user listed in the sudoers file to run a command |
![[BACK]](/icons/back.gif){kind=icon}
Return to errata44.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www