| version 1.260, 2003/10/05 22:14:49 |
version 1.261, 2003/10/24 22:12:41 |
|
|
| <a href="#30">3.0</a>, |
<a href="#30">3.0</a>, |
| <a href="#31">3.1</a>, |
<a href="#31">3.1</a>, |
| <a href="#32">3.2</a>, |
<a href="#32">3.2</a>, |
| <a href="#33">3.3</a>. |
<a href="#33">3.3</a>, |
| |
<a href="#34">3.4</a>. |
| </td> |
</td> |
| </tr> |
</tr> |
| </table> |
</table> |
|
|
| <dl> |
<dl> |
| |
|
| <li> |
<li> |
| |
<a name=34></a> |
| |
|
| |
<h3><font color=#e00000>OpenBSD 3.4 Security Advisories</font></h3> |
| |
These are the OpenBSD 3.4 advisories -- all these problems are solved |
| |
in <a href=anoncvs.html>OpenBSD current</a> and the |
| |
<a href=stable.html>patch branch</a>. |
| |
|
| |
<p> |
| |
<ul> |
| |
<li>None yet. |
| |
</ul> |
| |
|
| |
<p> |
| |
<li> |
| <a name=33></a> |
<a name=33></a> |
| |
|
| <h3><font color=#e00000>OpenBSD 3.3 Security Advisories</font></h3> |
<h3><font color=#e00000>OpenBSD 3.3 Security Advisories</font></h3> |
|
|
| |
|
| <p> |
<p> |
| <ul> |
<ul> |
| <li><a href=errata.html#asn1>October 1, 2003: |
<li><a href=errata33.html#asn1>October 1, 2003: |
| The use of certain ASN.1 encodings or malformed public keys may |
The use of certain ASN.1 encodings or malformed public keys may |
| allow an attacker to mount a denial of service attack against |
allow an attacker to mount a denial of service attack against |
| applications linked with ssl(3).</a> |
applications linked with ssl(3).</a> |
| <li><a href=errata.html#pfnorm>September 24, 2003: |
<li><a href=errata33.html#pfnorm>September 24, 2003: |
| Access of freed memory in pf(4) could be used to |
Access of freed memory in pf(4) could be used to |
| remotely panic a machine using scrub rules.</a> |
remotely panic a machine using scrub rules.</a> |
| <li><a href=errata.html#sendmail>September 17, 2003: |
<li><a href=errata33.html#sendmail>September 17, 2003: |
| A buffer overflow in the address parsing in |
A buffer overflow in the address parsing in |
| sendmail(8) may allow an attacker to gain root privileges.</a> |
sendmail(8) may allow an attacker to gain root privileges.</a> |
| <li><a href=errata.html#sshbuffer>September 16, 2003: |
<li><a href=errata33.html#sshbuffer>September 16, 2003: |
| OpenSSH versions prior to 3.7 contains a buffer management error |
OpenSSH versions prior to 3.7 contains a buffer management error |
| that is potentially exploitable.</a> |
that is potentially exploitable.</a> |
| <li><a href=errata.html#sysvsem>September 10, 2003: |
<li><a href=errata33.html#sysvsem>September 10, 2003: |
| Root may be able to reduce the security level by taking advantage of |
Root may be able to reduce the security level by taking advantage of |
| an integer overflow when the semaphore limits are made very large.</a> |
an integer overflow when the semaphore limits are made very large.</a> |
| <li><a href=errata.html#semget>August 20, 2003: |
<li><a href=errata33.html#semget>August 20, 2003: |
| An improper bounds check in the kernel may allow a local user |
An improper bounds check in the kernel may allow a local user |
| to panic the kernel.</a> |
to panic the kernel.</a> |
| <li><a href=errata.html#realpath>August 4, 2003: |
<li><a href=errata33.html#realpath>August 4, 2003: |
| An off-by-one error exists in the C library function realpath(3) |
An off-by-one error exists in the C library function realpath(3) |
| may allow an attacker to gain escalated privileges.</a> |
may allow an attacker to gain escalated privileges.</a> |
| </ul> |
</ul> |
![[BACK]](/icons/back.gif){kind=icon}
Return to security.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www