===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/plus48.html,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- www/plus48.html 2010/11/27 19:51:44 1.8
+++ www/plus48.html 2011/01/13 19:44:22 1.9
@@ -67,6 +67,13 @@
+
+- RELIABILITY FIX: Bring CBC oracle attack countermeasures to hardware crypto accelerator land. This fixes aes-ni, via xcrypt and various drivers: glxsb(4), hifn(4), safe(4) and ubsec(4).
+A source code patch is available.
+[Applied to stable]
+ - SECURITY FIX: Insufficent initialization of the pf rule structure in the ioctl handler may allow userland to modify kernel memory. By default root privileges are needed to add or modify pf rules.
+A source code patch is available.
+[Applied to stable]
- RELIABILITY FIX: Fix a flaw in the OpenSSL TLS server extension code parsing which could lead to a buffer overflow. This affects OpenSSL based TLS servers which are multi-threaded and use OpenSSL's internal caching mechanism. Servers that are multi-process and/or disable internal session caching are not affected.
A source code patch is available.
@@ -869,7 +876,7 @@
www@openbsd.org
-
$OpenBSD: plus48.html,v 1.8 2010/11/27 19:51:44 jj Exp $
+
$OpenBSD: plus48.html,v 1.9 2011/01/13 19:44:22 jj Exp $