version 1.10, 2011/02/13 15:05:34 |
version 1.11, 2011/03/11 20:49:30 |
|
|
<p> |
<p> |
|
|
<ul> |
<ul> |
|
<!-- 2011/02/16 --> |
|
<li><font color="#e00000"><strong>RELIABILITY FIX: the <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sis&sektion=4&format=html">sis(4)</a> driver may hand over stale ring descriptors to the hardware if the compiler decides to re-order stores or if the hardware does store-reordering.</strong></font><br> |
|
<a href="errata48.html#010_sis">A source code patch is available</a>.<br> |
|
<a href="stable.html"><font color="#00b000">[Applied to stable]</font></a> |
|
<li><font color="#e00000"><strong>SECURITY FIX: PF rules specifying address ranges (e.g. "10.1.1.1 - 10.1.1.5") were not correctly handled on little-endian systems (alpha, amd64, arm, i386, mips64el, vax). Other address types (bare addresses "10.1.1.1" and prefixes "10.1.1.1/30") are not affected.</strong></font><br> |
|
<a href="errata48.html#009_pf">A source code patch is available</a>.<br> |
|
<a href="stable.html"><font color="#00b000">[Applied to stable]</font></a> |
|
<!-- 2011/02/11 --> |
|
<li><font color="#e00000"><strong>SECURITY FIX: An incorrectly formatted ClientHello handshake message could cause OpenSSL to parse past the end of the message. An attacker could use this flaw to trigger an invalid memory access, causing a crash of an application linked to OpenSSL. As well, certain applications may expose the contents of parsed OCSP extensions, specifically the OCSP nonce extension.<br> |
|
Applications are only affected if they act as a server and call SSL_CTX_set_tlsext_status_cb on the server's SSL_CTX. It is believed that nothing in the base OS uses this. Apache httpd started using this in v2.3.3; this is newer than the version in ports.</strong></font><br> |
|
<a href="errata48.html#008_openssl">A source code patch is available</a>.<br> |
|
<a href="stable.html"><font color="#00b000">[Applied to stable]</font></a> |
<!-- 2011/01/13 --> |
<!-- 2011/01/13 --> |
<li><font color="#e00000"><strong>RELIABILITY FIX: sp_protocol in RTM_DELETE messages could contain garbage values leading to routing socket users that restrict the AF (such as ospfd) not seeing any of the RTM_DELETE messages</a>.</strong></font><br> |
<li><font color="#e00000"><strong>RELIABILITY FIX: sp_protocol in RTM_DELETE messages could contain garbage values leading to routing socket users that restrict the AF (such as ospfd) not seeing any of the RTM_DELETE messages</a>.</strong></font><br> |
<a href="errata48.html#007_rtsock">A source code patch is available</a>.<br> |
<a href="errata48.html#007_rtsock">A source code patch is available</a>.<br> |