www/security.html - diff

Return to security.html CVS log

Up to [local] / www

Diff for /www/security.html between version 1.384 and 1.385

version 1.384, 2010/03/12 13:36:03

version 1.385, 2010/04/14 14:47:08

Line 67

<a href="#43">4.3</a>,

<a href="#44">4.4</a>,

<a href="#45">4.5</a>,

<a href="#46">4.6</a>.

<a href="#46">4.6</a>,

<a href="#47">4.7</a>.

</td>

</tr>

</table>

Line 232

Line 233

<li><h3><font color="#e00000">Advisories</font></h3><p>

<li>

<h3><font color="#e00000">OpenBSD 4.7 Security Advisories</font></h3>

These are the OpenBSD 4.7 advisories -- all these problems are solved

in <a href=anoncvs.html>OpenBSD current</a> and the

<a href=stable.html>patch branch</a>.

<p>

<ul>

<li><a href="errata47.html#003_openssl">April 14, 2010:

In TLS connections, certain incorrectly formatted records can

cause an OpenSSL client or server to crash due to a read

attempt at NULL.</a>.

</ul>

<li>

<h3><font color="#e00000">OpenBSD 4.6 Security Advisories</font></h3>

Line 241

Line 258

<p>

<ul>

<li><a href="errata46.html#010_openssl">April 14, 2010:

In TLS connections, certain incorrectly formatted records can

cause an OpenSSL client or server to crash due to a read

attempt at NULL.</a>.

<li><a href="errata46.html#006_openssl">March 12, 2010:

OpenSSL is susceptible to a buffer overflow due to a failure

to check for NULL returns from bn_wexpand function calls</a>.

Line 259

Line 280

<p>

<ul>

<li><a href="errata46.html#012_openssl">March 12, 2010:

<li><a href="errata45.html#016_openssl">April 14, 2010:

In TLS connections, certain incorrectly formatted records can

cause an OpenSSL client or server to crash due to a read

attempt at NULL.</a>.

<li><a href="errata45.html#012_openssl">March 12, 2010:

OpenSSL is susceptible to a buffer overflow due to a failure

to check for NULL returns from bn_wexpand function calls</a>.

<li><a href="errata45.html#010_openssl">November 26, 2009: