version 1.16, 2010/11/18 08:34:45 |
version 1.17, 2010/12/17 16:36:18 |
|
|
<a name="zaurus"></a> |
<a name="zaurus"></a> |
|
|
<ul> |
<ul> |
|
<li><a name="009_pf"></a> |
|
<font color="#009000"><strong>009: SECURITY FIX: December 17, 2010</strong></font> <i>All architectures</i><br> |
|
Insufficent initialization of the pf rule structure in the ioctl |
|
handler may allow userland to modify kernel memory. By default root |
|
privileges are needed to add or modify pf rules. |
|
<br> |
|
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/4.7/common/009_pf.patch"> |
|
A source code patch exists which remedies this problem</a>.<br> |
|
<p> |
|
|
<li><a name="008_openssl"></a> |
<li><a name="008_openssl"></a> |
<font color="#009000"><strong>008: RELIABILITY FIX: November 17, 2010</strong></font> <i>All architectures</i><br> |
<font color="#009000"><strong>008: RELIABILITY FIX: November 17, 2010</strong></font> <i>All architectures</i><br> |
Fix a flaw in the OpenSSL TLS server extension code parsing which could lead to |
Fix a flaw in the OpenSSL TLS server extension code parsing which could lead to |