===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/plus.html,v
retrieving revision 1.859
retrieving revision 1.860
diff -c -r1.859 -r1.860
*** www/plus.html 2003/02/22 23:52:02 1.859
--- www/plus.html 2003/02/22 23:59:25 1.860
***************
*** 59,66 ****
pfctl(8) rejects non-existent interfaces in rules using dynamic interface syntax.
Move /var/at files into /var/cron since at(1) is now a part of cron(8).
Fix support for pf(4) syntax (if)/24 (dynamic interface name translation with a network prefix.)
!
! SECURITY FIX: February 22, 2003: In ssl(8) an information leak can occur via timing by performing a MAC computation even if incorrrect block cipher padding has been found. This fix is a countermeasure against active attacks where the attacker has to distinguish between bad padding and a MAC verification error. (CAN-2003-0078). Also, check for negative sizes in memory allocation routines.
A source code patch is available.
[Applied to stable]
Add a counter for netstat(1) showing how often ipcomp(4) was skipped because the packet size was below the compression threshold.
--- 59,65 ----
pfctl(8) rejects non-existent interfaces in rules using dynamic interface syntax.
Move /var/at files into /var/cron since at(1) is now a part of cron(8).
Fix support for pf(4) syntax (if)/24 (dynamic interface name translation with a network prefix.)
! SECURITY FIX: February 22, 2003: In ssl(8) an information leak can occur via timing by performing a MAC computation even if incorrrect block cipher padding has been found, this is a countermeasure. Also, check for negative sizes in memory allocation routines.
A source code patch is available.
[Applied to stable]
Add a counter for netstat(1) showing how often ipcomp(4) was skipped because the packet size was below the compression threshold.
***************
*** 909,915 ****
www@openbsd.org
!
$OpenBSD: plus.html,v 1.859 2003/02/22 23:52:02 margarida Exp $