| version 1.391, 2012/05/01 17:52:06 |
version 1.392, 2012/05/01 17:56:54 |
|
|
| <li><a href="errata47.html#003_openssl">April 14, 2010: |
<li><a href="errata47.html#003_openssl">April 14, 2010: |
| In TLS connections, certain incorrectly formatted records can |
In TLS connections, certain incorrectly formatted records can |
| cause an OpenSSL client or server to crash due to a read |
cause an OpenSSL client or server to crash due to a read |
| attempt at NULL.</a>. |
attempt at NULL.</a> |
| </ul> |
</ul> |
| |
|
| <li> |
<li> |
|
|
| <li><a href="errata46.html#010_openssl">April 14, 2010: |
<li><a href="errata46.html#010_openssl">April 14, 2010: |
| In TLS connections, certain incorrectly formatted records can |
In TLS connections, certain incorrectly formatted records can |
| cause an OpenSSL client or server to crash due to a read |
cause an OpenSSL client or server to crash due to a read |
| attempt at NULL.</a>. |
attempt at NULL.</a> |
| <li><a href="errata46.html#006_openssl">March 12, 2010: |
<li><a href="errata46.html#006_openssl">March 12, 2010: |
| OpenSSL is susceptible to a buffer overflow due to a failure |
OpenSSL is susceptible to a buffer overflow due to a failure |
| to check for NULL returns from bn_wexpand function calls</a>. |
to check for NULL returns from bn_wexpand function calls.</a> |
| <li><a href="errata46.html#004_openssl">November 26, 2009: |
<li><a href="errata46.html#004_openssl">November 26, 2009: |
| The SSL/TLS protocol is subject to man-in-the-middle attacks |
The SSL/TLS protocol is subject to man-in-the-middle attacks |
| related to renegotiation</a>. |
related to renegotiation.</a> |
| </ul> |
</ul> |
| |
|
| <li> |
<li> |
|
|
| <li><a href="errata45.html#016_openssl">April 14, 2010: |
<li><a href="errata45.html#016_openssl">April 14, 2010: |
| In TLS connections, certain incorrectly formatted records can |
In TLS connections, certain incorrectly formatted records can |
| cause an OpenSSL client or server to crash due to a read |
cause an OpenSSL client or server to crash due to a read |
| attempt at NULL.</a>. |
attempt at NULL.</a> |
| <li><a href="errata45.html#012_openssl">March 12, 2010: |
<li><a href="errata45.html#012_openssl">March 12, 2010: |
| OpenSSL is susceptible to a buffer overflow due to a failure |
OpenSSL is susceptible to a buffer overflow due to a failure |
| to check for NULL returns from bn_wexpand function calls</a>. |
to check for NULL returns from bn_wexpand function calls.</a> |
| <li><a href="errata45.html#010_openssl">November 26, 2009: |
<li><a href="errata45.html#010_openssl">November 26, 2009: |
| The SSL/TLS protocol is subject to man-in-the-middle attacks |
The SSL/TLS protocol is subject to man-in-the-middle attacks |
| related to renegotiation</a>. |
related to renegotiation.</a> |
| </ul> |
</ul> |
| |
|
| <li> |
<li> |
|
|
| timing attacks.</a> |
timing attacks.</a> |
| <li><a href="errata32.html#lprm">March 5, 2003: |
<li><a href="errata32.html#lprm">March 5, 2003: |
| A buffer overflow in lprm(1) may allow an attacker to elevate |
A buffer overflow in lprm(1) may allow an attacker to elevate |
| privileges to user daemon.</a>. |
privileges to user daemon.</a> |
| <li><a href="errata32.html#sendmail">March 3, 2003: |
<li><a href="errata32.html#sendmail">March 3, 2003: |
| A buffer overflow in the envelope comments processing in |
A buffer overflow in the envelope comments processing in |
| sendmail(8) may allow an attacker to gain root privileges.</a> |
sendmail(8) may allow an attacker to gain root privileges.</a> |
|
|
| <li><a href="errata31.html#cvs">January 20, 2003: |
<li><a href="errata31.html#cvs">January 20, 2003: |
| A double free exists in cvs(1) that could lead to privilege |
A double free exists in cvs(1) that could lead to privilege |
| escalation for cvs configurations where the cvs command is |
escalation for cvs configurations where the cvs command is |
| run as a privileged user</a>. |
run as a privileged user.</a> |
| <li><a href="errata31.html#named">November 14, 2002: |
<li><a href="errata31.html#named">November 14, 2002: |
| A buffer overflow exists in named(8) that could lead to a |
A buffer overflow exists in named(8) that could lead to a |
| remote crash or code execution as user named in a chroot jail.</a> |
remote crash or code execution as user named in a chroot jail.</a> |
![[BACK]](/icons/back.gif){kind=icon}
Return to security.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www