version 1.235, 2003/02/23 17:21:50 |
version 1.236, 2003/02/25 01:40:44 |
|
|
|
|
<p> |
<p> |
<ul> |
<ul> |
|
<li><a href=errata.html#httpd>February 25, 2003: |
|
httpd(8) leaks file inode numbers via ETag header as well as |
|
child PIDs in multipart MIME boundary generation. This could |
|
lead, for example, to NFS exploitation because it uses inode |
|
numbers as part of the file handle.</a> |
<li><a href=errata.html#ssl>February 22, 2003: |
<li><a href=errata.html#ssl>February 22, 2003: |
In ssl(8) an information leak can occur via timing by performing |
In ssl(8) an information leak can occur via timing by performing |
a MAC computation even if incorrect block cipher padding has |
a MAC computation even if incorrect block cipher padding has |