OpenBSD Journal

a Patches for USER_LDT and AH

Contributed by Dengue on from the proactive-security dept.

Patch 022 has been released. To quote errata.html :
The USER_LDT kernel option allows an attacker to gain access to privledged area's of kernel memory. This option is not on by default.
Patch 023 has been released. To quote errata.html :
Insufficient checks in the IPSEC AH IPv4 option handling code can lead to a buffer overrun leading to a remote DoS. This option is not on by default.
Information on patching your systems is in the FAQ .

(Comments are closed)


Comments
  1. By Niekze () niekze@nothingkillsfaster.com on http://www.nothingkillsfaster.com

    actually, where is Patch 022 on the patch page. I've already downloaded it from here, but I am just wondering why it does not appear on the patch page?!?!?

  2. By Niekze () niekze@nothingkillsfaster.com on http://www.nothingkillsfaster.com

    actually, where is Patch 022 on the patch page. I've already downloaded it from here, but I am just wondering why it does not appear on the patch page?!?!?

Credits

Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]