diff options
| author | hrs <hrs@FreeBSD.org> | 2003-10-05 08:15:54 +0000 |
|---|---|---|
| committer | hrs <hrs@FreeBSD.org> | 2003-10-05 08:15:54 +0000 |
| commit | 85a7ee1518e4384334474f80bafb2e57d509ad7e (patch) | |
| tree | 3b0d7ade591522e13008d4e8623b55676ead4a00 /release | |
| parent | 871953665f6e06df6ae8f3dd10f57318f4ba81b8 (diff) | |
| download | FreeBSD-src-85a7ee1518e4384334474f80bafb2e57d509ad7e.zip FreeBSD-src-85a7ee1518e4384334474f80bafb2e57d509ad7e.tar.gz | |
New errata: SA-03:14, SA-03:17, SA-03:18.
Diffstat (limited to 'release')
| -rw-r--r-- | release/doc/en_US.ISO8859-1/errata/article.sgml | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/release/doc/en_US.ISO8859-1/errata/article.sgml b/release/doc/en_US.ISO8859-1/errata/article.sgml index 17d2c48..356dd78 100644 --- a/release/doc/en_US.ISO8859-1/errata/article.sgml +++ b/release/doc/en_US.ISO8859-1/errata/article.sgml @@ -166,6 +166,29 @@ advisory <ulink url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:13.sendmail.asc">FreeBSD-SA-03:13</ulink>.</para> + <para>The &os; ARP code contains a bug that could allow the kernel + to cause resource starvation which eventually results in a system panic. + This bug has been fixed on the &release.branch; development branch and the + &release.prev; security fix branch. More information can be + found in security advisory + <ulink url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:14.arp.asc">FreeBSD-SA-03:14</ulink>.</para> + + <para>The implementation of the &man.procfs.5; and the &man.linprocfs.5; + contain a bug that could result in disclosing the contents of kernel memory. + This bug has been fixed on the &release.branch; development branch and the + &release.prev; security fix branch. More information can be + found in security advisory + <ulink url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:17.procfs.asc">FreeBSD-SA-03:17</ulink>.</para> + + <para><application>OpenSSL</application> contains several bugs + which could allow a remote attacker to crash an + <application>OpenSSL</application>-using application or + to execute arbitrary code with the privileges of the application. + Note that only applications that use <application>OpenSSL</application>'s + ASN.1 or X.509 handling code are affected (<application>OpenSSH</application> + is unaffected, for example). + More information can be found in security advisory + <ulink url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:18.openssl.asc">FreeBSD-SA-03:18</ulink>.</para> ]]> </sect1> |
