===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/security.html,v
retrieving revision 1.391
retrieving revision 1.392
diff -u -r1.391 -r1.392
--- www/security.html 2012/05/01 17:52:06 1.391
+++ www/security.html 2012/05/01 17:56:54 1.392
@@ -350,7 +350,7 @@
April 14, 2010:
In TLS connections, certain incorrectly formatted records can
cause an OpenSSL client or server to crash due to a read
- attempt at NULL..
+ attempt at NULL.
@@ -366,13 +366,13 @@
April 14, 2010:
In TLS connections, certain incorrectly formatted records can
cause an OpenSSL client or server to crash due to a read
- attempt at NULL..
+ attempt at NULL.
March 12, 2010:
OpenSSL is susceptible to a buffer overflow due to a failure
- to check for NULL returns from bn_wexpand function calls.
+ to check for NULL returns from bn_wexpand function calls.
November 26, 2009:
The SSL/TLS protocol is subject to man-in-the-middle attacks
- related to renegotiation.
+ related to renegotiation.
@@ -388,13 +388,13 @@
April 14, 2010:
In TLS connections, certain incorrectly formatted records can
cause an OpenSSL client or server to crash due to a read
- attempt at NULL..
+ attempt at NULL.
March 12, 2010:
OpenSSL is susceptible to a buffer overflow due to a failure
- to check for NULL returns from bn_wexpand function calls.
+ to check for NULL returns from bn_wexpand function calls.
November 26, 2009:
The SSL/TLS protocol is subject to man-in-the-middle attacks
- related to renegotiation.
+ related to renegotiation.
@@ -1029,7 +1029,7 @@
timing attacks.
March 5, 2003:
A buffer overflow in lprm(1) may allow an attacker to elevate
- privileges to user daemon..
+ privileges to user daemon.
March 3, 2003:
A buffer overflow in the envelope comments processing in
sendmail(8) may allow an attacker to gain root privileges.
@@ -1103,7 +1103,7 @@
January 20, 2003:
A double free exists in cvs(1) that could lead to privilege
escalation for cvs configurations where the cvs command is
- run as a privileged user.
+ run as a privileged user.
November 14, 2002:
A buffer overflow exists in named(8) that could lead to a
remote crash or code execution as user named in a chroot jail.
@@ -1818,7 +1818,7 @@
www@openbsd.org
-$OpenBSD: security.html,v 1.391 2012/05/01 17:52:06 tobias Exp $
+$OpenBSD: security.html,v 1.392 2012/05/01 17:56:54 tobias Exp $