|
|
|
|
The current release is OpenBSD 5.0 which was released Nov 1, 2011 -> http://openbsd.org
Server was upgraded today, because of some problems with mysqld service. |
|
|
| written by admin - 03.11.2011 - 00:15 |
|
|
|
|
|
|
|
It's been a long time, since I last posted here... End of another year is approaching fast, and there's just a little time left.
netburst.org is still alive, and it's cms system has just been updated, nothing mayor, but hey, it's a good start!
More is about to follow in the upcomming snowy days.
see you on irc.freenode.net, #netburst |
|
|
| written by admin - 23.10.2011 - 04:37 |
|
|
|
|
|
|
|
| We have enabled SSL (Secure Sockets Layer) on our website. Now you can access it through this link https://netburst.org |
|
|
| written by admin - 25.03.2011 - 23:13 |
|
|
|
|
|
|
|
010: RELIABILITY FIX: February 16, 2011 All architectures
The sis(4) driver may hand over stale ring descriptors to the hardware if the compiler decides to re-order stores or if the hardware does store-reordering.
A source code patch exists which remedies this problem.
009: SECURITY FIX: February 16, 2011 Little-endian architectures
PF rules specifying address ranges (e.g. "10.1.1.1 - 10.1.1.5") were not correctly handled on little-endian systems (alpha, amd64, arm, i386, mips64el, vax). Other address types (bare addresses "10.1.1.1" and prefixes "10.1.1.1/30") are not affected.
A source code patch exists which remedies this problem.
008: SECURITY FIX: February 11, 2011 All architectures
An incorrectly formatted ClientHello handshake message could cause OpenSSL to parse past the end of the message. An attacker could use this flaw to trigger an invalid memory access, causing a crash of an application linked to OpenSSL. As well, certain applications may expose the contents of parsed OCSP extensions, specifically the OCSP nonce extension.
Applications are only affected if they act as a server and call SSL_CTX_set_tlsext_status_cb on the server`s SSL_CTX. It is believed that nothing in the base OS uses this. Apache httpd started using this in v2.3.3; this is newer than the version in ports.
A source code patch exists which remedies this problem.
007: RELIABILITY FIX: January 13, 2011 All architectures
sp_protocol in RTM_DELETE messages could contain garbage values leading to routing socket users that restrict the AF (such as ospfd) not seeing any of the RTM_DELETE messages.
A source code patch exists which remedies this problem. |
|
|
| written by admin - 25.03.2011 - 23:09 |
|
|
|
|
|
|
|
006: RELIABILITY FIX: December 17, 2010 All architectures
Bring CBC oracle attack countermeasures to hardware crypto accelerator land. This fixes aes-ni, via xcrypt and various drivers (glxsb, hifn, safe and ubsec).
005: SECURITY FIX: December 17, 2010 All architectures
Insufficent initialization of the pf rule structure in the ioctl handler may allow userland to modify kernel memory. By default root privileges are needed to add or modify pf rules.
004: RELIABILITY FIX: November 17, 2010 All architectures
Fix a flaw in the OpenSSL TLS server extension code parsing which could lead to a buffer overflow. This affects OpenSSL based TLS servers which are multi-threaded and use OpenSSL`s internal caching mechanism. Servers that are multi-process and/or disable internal session caching are not affected. |
|
|
| written by admin - 20.12.2010 - 19:15 |
|
|
|
|
