Sunday, September 3, 2006

OpenBSD Errata 009

OpenBSDThe OpenBSD team has released another kernel update for OpenBSD 3.9:

Due to the failure to correctly validate LCP configuration option lengths, it is possible for an attacker to send LCP packets via an sppp(4) connection causing the kernel to panic. CVE-2006-4304

As always, I've created a binpatch for the GENERIC kernel as well as GENERIC.MP, GENERIC + RAID and GENERIC.MP + RAID.