
Diff for /www/errata57.html between version 1.13 and 1.14

version 1.13, 2015/05/11 11:18:29 version 1.14, 2015/06/11 18:10:53
Line 166 
Line 166 
 <li>tar without -P would permit extraction of paths with ".." components  <li>tar without -P would permit extraction of paths with ".." components
 <li>there was a buffer overflow in the handling of pax extension headers  <li>there was a buffer overflow in the handling of pax extension headers
 </ul>  </ul>
 <br>  
 <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.7/common/007_tar.patch.sig">  <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.7/common/007_tar.patch.sig">
   A source code patch exists which remedies this problem.</a>
   <p>
   
   <li id="008_smtpd">
   <font color="#009000"><strong>008: RELIABILITY FIX: June 11, 2015</strong></font>
   &nbsp; <i>All architectures</i><br>
   Fix multiple reliability issues in smtpd:
   <ul>
   <li>a local user can cause smtpd to fail by writing an invalid imsg to control socket.
   <li>a local user can prevent smtpd from serving new requests by exhausting descriptors.
   </ul>
   <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.7/common/008_smtpd.patch.sig">
   A source code patch exists which remedies this problem.</a>
   <p>
   
   <li id="009_openssl">
   <font color="#009000"><strong>009: SECURITY FIX: June 11, 2015</strong></font>
   &nbsp; <i>All architectures</i><br>
   Fix several defects from OpenSSL:
   <ul>
   <li>CVE-2015-1788 - Malformed ECParameters causes infinite loop
   <li>CVE-2015-1789 - Exploitable out-of-bounds read in X509_cmp_time
   <li>CVE-2015-1792 - CMS verify infinite loop with unknown hash function
   </ul>
   <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.7/common/009_openssl.patch.sig">
 A source code patch exists which remedies this problem.</a>  A source code patch exists which remedies this problem.</a>
 <p>  <p>
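Review bot: The two list items in the new 008 entry are not consistent with their neighbours: "writing an invalid imsg to control socket." is missing an article and both items end in a full stop, while the 007 items above and the 009 items below carry no trailing punctuation. Suggest "writing an invalid imsg to the control socket" and dropping the periods. In the 009 entry, "Fix several defects from OpenSSL:" does not say which component in this release carries the fixes, so a reader working from the entry alone cannot tell what needs rebuilding after applying 009_openssl.patch.sig; a short phrase naming it would help.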
   
