version 1.2, 2018/04/14 20:11:12 |
version 1.3, 2018/04/21 15:40:53 |
|
|
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
|
<li id="p002_arp"> |
|
<font color="#009000"> |
|
<strong>002: RELIABILITY FIX: April 21, 2018</strong></font> |
|
<i>All architectures</i> |
|
<br> |
|
ARP replies could be sent on the wrong member of a bridge(4) interface. |
|
<br> |
|
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/6.3/common/002_arp.patch.sig"> |
|
A source code patch exists which remedies this problem.</a> |
|
<p> |
|
|
|
<li id="p003_libtls"> |
|
<font color="#009000"> |
|
<strong>003: RELIABILITY FIX: April 21, 2018</strong></font> |
|
<i>All architectures</i> |
|
<br> |
|
Additional data is inadvertently removed when private keys are cleared from |
|
TLS configuration, which can prevent OCSP from functioning correctly. |
|
<br> |
|
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/6.3/common/003_libtls.patch.sig"> |
|
A source code patch exists which remedies this problem.</a> |
|
<p> |
|
|
|
<li id="p004_gif"> |
|
<font color="#009000"> |
|
<strong>004: SECURITY FIX: April 21, 2018</strong></font> |
|
<i>All architectures</i> |
|
<br> |
|
In the gif(4) interface, use the specified protocol for IPv6, plug |
|
a mbuf leak and avoid a use after free. |
|
<br> |
|
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/6.3/common/004_gif.patch.sig"> |
|
A source code patch exists which remedies this problem.</a> |
|
<p> |
|
|
|
<li id="p005_httpd"> |
|
<font color="#009000"> |
|
<strong>005: RELIABILITY FIX: April 21, 2018</strong></font> |
|
<i>All architectures</i> |
|
<br> |
|
httpd can leak file descriptors when servicing range requests. |
|
<br> |
|
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/6.3/common/005_httpd.patch.sig"> |
|
A source code patch exists which remedies this problem.</a> |
|
<p> |
|
|
</ul> |
</ul> |
|
|
<hr> |
<hr> |