===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/plus41.html,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- www/plus41.html 2007/03/08 17:58:54 1.4
+++ www/plus41.html 2007/03/13 01:44:49 1.5
@@ -921,7 +921,7 @@
Various binutils and gcc(1) additions to handle 32-bit SuperH cpus.
In pf.conf(5), make 'flags S/SA keep state' the implicit default for filter rules.
-SECURITY FIX: Integer overflow in systrace(4)'s STRIOCREPLACE support. This could be exploited for DoS, limited kmem reads or local privilege escalation.
A source code patch is available.
[Applied to stable]
+SECURITY FIX: Integer overflow in systrace(4)'s STRIOCREPLACE support. This could be exploited for DoS, limited kmem reads or local privilege escalation.
A source code patch is available.
[Applied to stable]
Update OpenSSH to 4.4.
Always allow read-only opens on (s)vnd devices, despite the type of the first open (svnd vs vnd).
@@ -930,7 +930,7 @@
Fix for write(1) to handle cases where the utmp file is missing.
Fixes for pci(4) where unit numbers do not match PCI Bus number.
SECURITY FIX: Several problems have been found in OpenSSL. While parsing certain invalid ASN.1 structures an error condition is mishandled, possibly resulting in an infinite loop. A buffer overflow exists in the SSL_get_shared_ciphers function. A NULL pointer may be dereferenced in the SSL version 2 client code. In addition, many applications using OpenSSL do not perform any validation of the lengths of public keys being used.
-A source code patch is available.
+A source code patch is available.
[Applied to stable]
Use 64 bit daddr type for physical block numbers in the filesystem code.
@@ -1062,7 +1062,7 @@
www@openbsd.org
-
$OpenBSD: plus41.html,v 1.4 2007/03/08 17:58:54 jasper Exp $
+
$OpenBSD: plus41.html,v 1.5 2007/03/13 01:44:49 deraadt Exp $