version 1.7, 2010/11/22 20:38:35 |
version 1.8, 2010/11/27 19:51:44 |
|
|
<p> |
<p> |
|
|
<ul> |
<ul> |
|
<!-- 2010/11/17 --> |
|
<li><font color="#e00000"><strong>RELIABILITY FIX: Fix a flaw in the OpenSSL TLS server extension code parsing which could lead to a buffer overflow. This affects OpenSSL based TLS servers which are multi-threaded and use OpenSSL's internal caching mechanism. Servers that are multi-process and/or disable internal session caching are not affected.</strong></font><br> |
|
<a href="errata48.html#004_openssl">A source code patch is available</a>.<br> |
|
<a href="stable.html"><font color="#00b000">[Applied to stable]</font></a> |
<!-- 2010/11/16 --> |
<!-- 2010/11/16 --> |
<li><font color="#e00000"><strong>RELIABILITY FIX: The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=vr&sektion=4&format=html">vr(4)</a> driver may hand over stale ring descriptors to the hardware if the compiler decides to re-order stores or if the hardware does store-reordering.</strong></font><br> |
<li><font color="#e00000"><strong>RELIABILITY FIX: The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=vr&sektion=4&format=html">vr(4)</a> driver may hand over stale ring descriptors to the hardware if the compiler decides to re-order stores or if the hardware does store-reordering.</strong></font><br> |
<a href="errata48.html#003_vr">A source code patch is available</a>.<br> |
<a href="errata48.html#003_vr">A source code patch is available</a>.<br> |