Thread: Security Critical crypto bug in OpenSSL opens two-thirds of the Web to eavesdropping
View Single Post
  #7   (View Single Post)  
Old 13th April 2014
comet--berkeley comet--berkeley is offline
Real Name: Richard
Package Pilot
  
Join Date: Apr 2009
Location: California
Posts: 163
Default Saturday April 12...another OpenBSD 5.4 patch for OpenSSL
Yet another OpenBSD 5.4 patch to OpenSSL:

Quote:
OpenBSD 5.4 errata 8, Apr 12, 2014: A use-after-free race condition
in OpenSSL's read buffer may permit an attacker to inject data from
one connection into another.

The advice in the previous OpenSSL errata also applies.
http://www.openbsd.org/errata54.html

http://ftp.openbsd.org/pub/OpenBSD/p..._openssl.patch
Reply With Quote