OpenBSD 4.8 Errata

=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/errata48.html,v retrieving revision 1.42 retrieving revision 1.43 diff -u -r1.42 -r1.43 --- www/errata48.html 2019/04/02 12:46:57 1.42 +++ www/errata48.html 2019/05/27 22:55:20 1.43 @@ -1,25 +1,23 @@ - - - + + + + OpenBSD 4.8 Errata - - - -

+

-OpenBSD -4.8 Errata +OpenBSD +4.8 Errata

@@ -87,7 +85,7 @@

-010: RELIABILITY FIX: February 16, 2011 +010: RELIABILITY FIX: February 16, 2011 All architectures
The sis(4) driver may hand over stale ring descriptors to the hardware if the compiler decides @@ -98,7 +96,7 @@
-009: SECURITY FIX: February 16, 2011 +009: SECURITY FIX: February 16, 2011 Little-endian architectures
PF rules specifying address ranges (e.g. "10.1.1.1 - 10.1.1.5") were @@ -111,7 +109,7 @@
-008: SECURITY FIX: February 11, 2011 +008: SECURITY FIX: February 11, 2011 All architectures
An incorrectly formatted ClientHello handshake message could cause OpenSSL to parse past the end of the message. An attacker could use this flaw @@ -129,7 +127,7 @@
-007: RELIABILITY FIX: January 13, 2011 +007: RELIABILITY FIX: January 13, 2011 All architectures
sp_protocol in RTM_DELETE messages could contain garbage values leading to routing socket users that restrict the AF (such as ospfd) @@ -140,7 +138,7 @@
-006: RELIABILITY FIX: December 17, 2010 +006: RELIABILITY FIX: December 17, 2010 All architectures
Bring CBC oracle attack countermeasures to hardware crypto accelerator land. This fixes aes-ni, via xcrypt and various drivers @@ -155,7 +153,7 @@
-005: SECURITY FIX: December 17, 2010 +005: SECURITY FIX: December 17, 2010 All architectures
Insufficent initialization of the pf rule structure in the ioctl handler may allow userland to modify kernel memory. By default root @@ -166,7 +164,7 @@
-004: RELIABILITY FIX: November 17, 2010 +004: RELIABILITY FIX: November 17, 2010 All architectures
Fix a flaw in the OpenSSL TLS server extension code parsing which could lead to a buffer overflow. This affects OpenSSL based TLS servers which are multi-threaded @@ -178,7 +176,7 @@
-003: RELIABILITY FIX: November 16, 2010 +003: RELIABILITY FIX: November 16, 2010 All architectures
The vr(4) driver may hand over stale ring descriptors to the hardware if the compiler decides @@ -189,7 +187,7 @@
-002: RELIABILITY FIX: November 16, 2010 +002: RELIABILITY FIX: November 16, 2010 All architectures
Certain PCI based hardware may improperly announce their Base Address Registers as prefetchable even though they are not. This may cause @@ -200,7 +198,7 @@
-001: RELIABILITY FIX: November 16, 2010 +001: RELIABILITY FIX: November 16, 2010 All architectures
Uninitialized memory may force the RDE into route-collector mode on startup and may prevent bgpd from updating or announcing any routes. @@ -212,6 +210,3 @@

- - -