| version 1.235, 2003/02/23 17:21:50 |
version 1.236, 2003/02/25 01:40:44 |
|
|
| |
|
| <p> |
<p> |
| <ul> |
<ul> |
| |
<li><a href=errata.html#httpd>February 25, 2003: |
| |
httpd(8) leaks file inode numbers via ETag header as well as |
| |
child PIDs in multipart MIME boundary generation. This could |
| |
lead, for example, to NFS exploitation because it uses inode |
| |
numbers as part of the file handle.</a> |
| <li><a href=errata.html#ssl>February 22, 2003: |
<li><a href=errata.html#ssl>February 22, 2003: |
| In ssl(8) an information leak can occur via timing by performing |
In ssl(8) an information leak can occur via timing by performing |
| a MAC computation even if incorrect block cipher padding has |
a MAC computation even if incorrect block cipher padding has |
![[BACK]](/icons/back.gif){kind=icon}
Return to security.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www