version 1.233, 2003/01/30 22:02:17 |
version 1.234, 2003/02/23 00:20:51 |
|
|
|
|
<p> |
<p> |
<ul> |
<ul> |
|
<li><a href=errata.html#ssl>February 22, 2003: |
|
In ssl(8) an information leak can occur via timing by performing |
|
a MAC computation even if incorrect block cipher padding has |
|
been found, this is a countermeasure. Also, check for negative |
|
sizes, in allocation routines.</a> |
<li><a href=errata.html#cvs>January 20, 2003: |
<li><a href=errata.html#cvs>January 20, 2003: |
A double free exists in cvs(1) that could lead to privilege |
A double free exists in cvs(1) that could lead to privilege |
escalation for cvs configurations where the cvs command is |
escalation for cvs configurations where the cvs command is |