Friday, March 19, 2004

OpenBSD Patching

Applied 2 more patches to my OpenBSD 3.3 system on my Toshiba 4015CDT laptop: 020_isakmpd2.patch & 021_openssl.patch.

020_isakmpd2.patch: Defects in the payload validation and processing functions of isakmpd(8) have been discovered. An attacker could send malformed ISAKMP messages and cause isakmpd to crash or to loop endlessly. This patch fixes these problems and removes some memory leaks.

021_openssl.patch: A missing check for a NULL-pointer dereference has been found in ssl(3). A remote attacker can use the bug to cause an OpenSSL application to crash; this may lead to a denial of service.