Custom Search
Friday, March 19, 2004
Applied 2 more patches to my OpenBSD 3.3 system on my Toshiba 4015CDT
laptop, 020_isakmpd2.patch & 021_openssl.patch
020_isakmpd2.patch:
Defects in the payload validation and processing functions of isakmpd(8)
have been discovered. An attacker could send malformed ISAKMP messages
and cause isakmpd to crash or to loop endlessly. This patch fixes these problems
and removes some memory leaks.
021_openssl.patch:
A missing check for a NULL-pointer dereference has been found in ssl(3). A
remote attacker can use the bug to cause an OpenSSL application to crash;
this may lead to a denial of service.
0 Comments:
Post a Comment
<< Home