| version 1.408, 2014/04/08 16:39:01 |
version 1.409, 2014/04/09 20:36:50 |
|
|
| <li><a href="errata55.html#002_openssl">April 7, 2014: |
<li><a href="errata55.html#002_openssl">April 7, 2014: |
| Missing bounds checking in OpenSSL's implementation of the TLS/DTLS |
Missing bounds checking in OpenSSL's implementation of the TLS/DTLS |
| heartbeat extension (RFC6520) which can result in a leak of memory contents.</a> |
heartbeat extension (RFC6520) which can result in a leak of memory contents.</a> |
| |
<li><a href="errata55.html#003_ftp">April 9, 2014: ftp(1) defect, |
| |
failure to check the server hostname when connecting to an https |
| |
website, allowing any trusted CA-signed certificate to impersonate |
| |
any other website.</a> |
| </ul> |
</ul> |
| |
|
| <li><a name="54"></a> |
<li><a name="54"></a> |
![[BACK]](/icons/back.gif){kind=icon}
Return to security.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www