These are the OpenBSD 3.9 advisories -- all these problems are solved
in <a href=anoncvs.html>OpenBSD current</a> and the
<a href=stable.html>patch branch</a>.
<p>
<ul>
<li><a href="errata39.html#022_route6">Apr 23, 2007:
IPv6 type 0 route headers can be used to mount a DoS attack
against hosts and networks.</a>
<li><a href="errata39.html#021_xorg">Apr 4, 2007:
Multiple vulnerabilities in X.Org.</a>
<li><a href="errata39.html#m_dup1">Mar 7, 2007:
Incorrect mbuf handling for ICMP6 packets.</a>
<li><a href="errata39.html#agp">Jan 3, 2007:
Insufficient validation in vga(4) may allow an attacker to gain
root privileges on some i386 systems.</a>
<li><a href="errata39.html#ldso">Nov 19, 2006:
ld.so(1) fails to properly sanitize the environment.</a>
<li><a href="errata39.html#ssh">Oct 12, 2006:
Fix 2 security bugs found in OpenSSH.</a>
<li><a href="errata39.html#systrace">Oct 7, 2006:
Fix for an integer overflow in systrace(4)'s STRIOCREPLACE support,
found by Chris Evans.</a>
<li><a href="errata39.html#openssl2">Oct 7, 2006:
Several problems have been found in OpenSSL.</a>
<li><a href="errata39.html#httpd2">Oct 7, 2006:
httpd(8) does not sanitize the Expect header from an HTTP request
when it is reflected back in an error message, which might allow
cross-site scripting (XSS) style attacks.</a>
<li><a href="errata39.html#openssl">Sep 8, 2006:
Due to incorrect PKCS#1 v1.5 padding validation in OpenSSL, it is
possible for an attacker to construct an invalid signature which