===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/plus48.html,v
retrieving revision 1.8
retrieving revision 1.9
diff -c -r1.8 -r1.9
*** www/plus48.html 2010/11/27 19:51:44 1.8
--- www/plus48.html 2011/01/13 19:44:22 1.9
***************
*** 67,72 ****
--- 67,79 ----
+
+ - RELIABILITY FIX: Bring CBC oracle attack countermeasures to hardware crypto accelerator land. This fixes aes-ni, via xcrypt and various drivers: glxsb(4), hifn(4), safe(4) and ubsec(4).
+ A source code patch is available.
+ [Applied to stable]
+ - SECURITY FIX: Insufficent initialization of the pf rule structure in the ioctl handler may allow userland to modify kernel memory. By default root privileges are needed to add or modify pf rules.
+ A source code patch is available.
+ [Applied to stable]
- RELIABILITY FIX: Fix a flaw in the OpenSSL TLS server extension code parsing which could lead to a buffer overflow. This affects OpenSSL based TLS servers which are multi-threaded and use OpenSSL's internal caching mechanism. Servers that are multi-process and/or disable internal session caching are not affected.
A source code patch is available.
***************
*** 869,875 ****
www@openbsd.org
!
$OpenBSD: plus48.html,v 1.8 2010/11/27 19:51:44 jj Exp $