www/errata47.html - diff

Return to errata47.html CVS log

Up to [local] / www

Diff for /www/errata47.html between version 1.19 and 1.20

-version 1.19, 2011/01/13 16:36:58
+version 1.20, 2011/02/16 20:37:28
 Line 87
 Line 87
 Line 87
  <a name="zaurus"></a>
  <ul>
+ <li><a name="013_pf"></a>
+ <font color="#009000"><strong>013: SECURITY FIX: February 16, 2011</strong></font> &nbsp; <i>Little-endian architectures</i><br>
+ PF rules specifying address ranges (e.g. "10.1.1.1 - 10.1.1.5") were
+ not correctly handled on little-endian systems (alpha, amd64, arm, i386,
+ mips64el, vax). Other address types (bare addresses "10.1.1.1" and
+ prefixes "10.1.1.1/30") are not affected.
+ <br>
+ <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/4.7/common/013_pf.patch">
+ A source code patch exists which remedies this problem</a>.<br>
+ <p>
+ <li><a name="012_openssl"></a>
+ <font color="#009000"><strong>012: SECURITY FIX: February 11, 2011</strong></font> &nbsp; <i>All architectures</i><br>
+ An incorrectly formatted ClientHello handshake message could cause
+ OpenSSL to parse past the end of the message.  An attacker could use this flaw
+ to trigger an invalid memory access, causing a crash of an application linked
+ to OpenSSL.  As well, certain applications may expose the contents of parsed
+ OCSP extensions, specifically the OCSP nonce extension.
+ <p>
+ Applications are only affected if they act as a server and call
+ SSL_CTX_set_tlsext_status_cb on the server's SSL_CTX.  It is believed
+ that nothing in the base OS uses this.  Apache httpd started using this
+ in v2.3.3; this is newer than the version in ports.
+ <br>
+ <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/4.7/common/012_openssl.patch">
+ A source code patch exists which remedies this problem</a>.<br>
+ <p>
  <li><a name="011_rtsock"></a>
  <font color="#009000"><strong>011: RELIABILITY FIX: January 13, 2011</strong></font> &nbsp; <i>All architectures</i><br>
  sp_protocol in RTM_DELETE messages could contain garbage values