Copyright © 2000, 2001, 2002, 2003 by The FreeBSD Documentation Project
-$FreeBSD: src/release/doc/en_US.ISO8859-1/errata/article.sgml,v 1.50
-2003/09/20 00:17:52 bmah Exp $
+
$FreeBSD: src/release/doc/en_US.ISO8859-1/errata/article.sgml,v 1.52
+2003/10/05 09:17:25 hrs Exp $
The FreeBSD ARP code contains a bug that could allow the kernel to cause resource +starvation which eventually results in a system panic. This bug has been fixed on the +5-CURRENT development branch and the 5.1-RELEASE security fix branch. More information +can be found in security advisory FreeBSD-SA-03:14.
+ +The implementation of the +procfs(5) and +the +linprocfs(5) +contain a bug that could result in disclosing the contents of kernel memory. This bug has +been fixed on the 5-CURRENT development branch and the 5.1-RELEASE security fix branch. +More information can be found in security advisory FreeBSD-SA-03:17.
+ +OpenSSL contains several bugs which could allow a remote +attacker to crash an OpenSSL-using application or to execute +arbitrary code with the privileges of the application. These bugs have been fixed via a +vendor-supplied patch on the 5-CURRENT development branch and the 5.1-RELEASE security +fix branch. Note that only applications that use OpenSSL's +ASN.1 or X.509 handling code are affected (OpenSSH is +unaffected, for example). More information can be found in security advisory FreeBSD-SA-03:18.