| version 1.333, 2006/10/30 21:11:21 |
version 1.334, 2006/11/04 03:02:28 |
|
|
| <a href="#36">3.6</a>, |
<a href="#36">3.6</a>, |
| <a href="#37">3.7</a>, |
<a href="#37">3.7</a>, |
| <a href="#38">3.8</a>, |
<a href="#38">3.8</a>, |
| <a href="#39">3.9</a>. |
<a href="#39">3.9</a>, |
| |
<a href="#40">4.0</a>. |
| </td> |
</td> |
| </tr> |
</tr> |
| </table> |
</table> |
|
|
| outlining <a href=crypto.html>what we have done with cryptography</a>.</p> |
outlining <a href=crypto.html>what we have done with cryptography</a>.</p> |
| |
|
| <li><h3><font color="#e00000">Advisories</font></h3><p> |
<li><h3><font color="#e00000">Advisories</font></h3><p> |
| |
|
| |
<li> |
| |
<a name="40"></a> |
| |
|
| |
<h3><font color="#e00000">OpenBSD 4.0 Security Advisories</font></h3> |
| |
These are the OpenBSD 4.0 advisories -- all these problems are solved |
| |
in <a href=anoncvs.html>OpenBSD current</a> and the |
| |
<a href=stable.html>patch branch</a>. |
| |
|
| |
<p> |
| |
<ul> |
| |
<li><a href="errata.html#systrace">Oct 7, 2006: |
| |
Fix for an integer overflow in systrace(4)'s STRIOCREPLACE support, |
| |
found by Chris Evans.</a> |
| |
<li><a href="errata.html#openssl">Oct 7, 2006: |
| |
Several problems have been found in OpenSSL.</a> |
| |
<li><a href="errata.html#httpd">Oct 7, 2006: |
| |
httpd(8) does not sanitize the Expect header from an HTTP request |
| |
when it is reflected back in an error message, which might allow |
| |
cross-site scripting (XSS) style attacks.</a> |
| |
</ul> |
| |
|
| <li> |
<li> |
| <a name="39"></a> |
<a name="39"></a> |
![[BACK]](/icons/back.gif){kind=icon}
Return to security.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www