version 1.408, 2014/04/08 16:39:01 |
version 1.409, 2014/04/09 20:36:50 |
|
|
<li><a href="errata55.html#002_openssl">April 7, 2014: |
<li><a href="errata55.html#002_openssl">April 7, 2014: |
Missing bounds checking in OpenSSL's implementation of the TLS/DTLS |
Missing bounds checking in OpenSSL's implementation of the TLS/DTLS |
heartbeat extension (RFC6520) which can result in a leak of memory contents.</a> |
heartbeat extension (RFC6520) which can result in a leak of memory contents.</a> |
|
<li><a href="errata55.html#003_ftp">April 9, 2014: ftp(1) defect, |
|
failure to check the server hostname when connecting to an https |
|
website, allowing any trusted CA-signed certificate to impersonate |
|
any other website.</a> |
</ul> |
</ul> |
|
|
<li><a name="54"></a> |
<li><a name="54"></a> |