=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/security.html,v retrieving revision 1.91 retrieving revision 1.92 diff -c -r1.91 -r1.92 *** www/security.html 1999/03/22 07:37:59 1.91 --- www/security.html 1999/04/12 08:41:56 1.92 *************** *** 117,153 **** OpenBSD 2.3 advisories listed below are fixed in OpenBSD 2.4.

Mar 22, 1999: The nfds argument for poll(2) needs to be constrained, to avoid kvm starvation (patch included). !
Mar 21, 1999: A change in TSS handling stops another kernel crash case caused by the crashme program (patch included). !
Feb 25, 1999: An unbounded increment on the nlink value in FFS and EXT2FS filesystems can cause a system crash. (patch included). !
Feb 23, 1999: Yet another buffer overflow existed in ping(8). (patch included). !
Feb 19, 1999: ipintr() had a race in use of the ipq, which could permit an attacker to cause a crash. (patch included). !
Feb 17, 1999: A race condition in the kernel between accept(2) and select(2) could permit an attacker to hang sockets from remote. (patch included). !
Feb 17, 1999: IP fragment assembly can bog the machine excessively and cause problems. (patch included). !
Feb 12, 1999: i386 T_TRCTRAP handling and DDB interacted to possibly cause a crash. (patch included). !
Feb 11, 1999: TCP/IP RST handling was sloppy. (patch included). !
Nov 27, 1998: There is a remotely exploitable problem in bootpd(8). (patch included). !
Nov 19, 1998: There is a possibly locally exploitable problem relating to environment variables in termcap and curses. (patch included). !
Nov 13, 1998: There is a remote machine lockup bug in the TCP decoding kernel. (patch included).

--- 117,153 ---- OpenBSD 2.3 advisories listed below are fixed in OpenBSD 2.4.

*************** *** 289,295 ****

www@openbsd.org
! $OpenBSD: security.html,v 1.91 1999/03/22 07:37:59 deraadt Exp $ --- 289,295 ----

www@openbsd.org
! $OpenBSD: security.html,v 1.92 1999/04/12 08:41:56 deraadt Exp $