The OpenBSD team has released a patch 011 for OpenBSD 4.1 (patch 002 for OpenBSD 4.2 and patch 017 for OpenBSD 4.0).This is a security fix and applies to all architectures.
Quote from the commit messages (1.16 & 1.17):
Replace use of strcpy(3) and other pointer goo in
SSL_get_shared_ciphers() with strlcat(3).Fix off-by-one buffer overflow in SSL_get_shared_ciphers().
From OpenSSL_0_9_8-stable branch.
Binpatches exist for OpenBSD 4.1 and OpenBSD 4.0. Note, I do not have a 4.2 box set up, so no binpatches for 4.2 yet.
No comments:
Post a Comment