=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/plus.html,v retrieving revision 1.859 retrieving revision 1.860 diff -u -r1.859 -r1.860 --- www/plus.html 2003/02/22 23:52:02 1.859 +++ www/plus.html 2003/02/22 23:59:25 1.860 @@ -59,8 +59,7 @@
  • pfctl(8) rejects non-existent interfaces in rules using dynamic interface syntax.
  • Move /var/at files into /var/cron since at(1) is now a part of cron(8).
  • Fix support for pf(4) syntax (if)/24 (dynamic interface name translation with a network prefix.) - -
  • SECURITY FIX: February 22, 2003: In ssl(8) an information leak can occur via timing by performing a MAC computation even if incorrrect block cipher padding has been found. This fix is a countermeasure against active attacks where the attacker has to distinguish between bad padding and a MAC verification error. (CAN-2003-0078). Also, check for negative sizes in memory allocation routines.
    +
  • SECURITY FIX: February 22, 2003: In ssl(8) an information leak can occur via timing by performing a MAC computation even if incorrrect block cipher padding has been found, this is a countermeasure. Also, check for negative sizes in memory allocation routines.
    A source code patch is available.
    [Applied to stable]
  • Add a counter for netstat(1) showing how often ipcomp(4) was skipped because the packet size was below the compression threshold. @@ -909,7 +908,7 @@
    OpenBSD www@openbsd.org -
    $OpenBSD: plus.html,v 1.859 2003/02/22 23:52:02 margarida Exp $ +
    $OpenBSD: plus.html,v 1.860 2003/02/22 23:59:25 deraadt Exp $