Re: OpenBSD Errata: April 21st, 2018 (libtls)

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

Re: OpenBSD Errata: April 21st, 2018 (libtls)

Jan Stary
On Apr 21 11:53:01, [hidden email] wrote:
> Errata patches for libtls have been released for OpenBSD 6.3.
>
> Additional data is inadvertently removed when private keys are cleared from
> TLS configuration, which can prevent OCSP from functioning correctly.
>
> Binary updates for the amd64, i386, and arm64 platforms are available via
> the syspatch utility. Source code patches can be found on the errata page:
>
>   https://www.openbsd.org/errata63.html

The link to
https://ftp.openbsd.org/pub/OpenBSD/patches/6.3/common/003_libtls.patch.sig
is broken.

        Jan

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSD Errata: April 21st, 2018 (libtls)

Jan Stary
On Apr 21 19:23:52, [hidden email] wrote:

> On Apr 21 11:53:01, [hidden email] wrote:
> > Errata patches for libtls have been released for OpenBSD 6.3.
> >
> > Additional data is inadvertently removed when private keys are cleared from
> > TLS configuration, which can prevent OCSP from functioning correctly.
> >
> > Binary updates for the amd64, i386, and arm64 platforms are available via
> > the syspatch utility. Source code patches can be found on the errata page:
> >
> >   https://www.openbsd.org/errata63.html
>
> The link to
> https://ftp.openbsd.org/pub/OpenBSD/patches/6.3/common/003_libtls.patch.sig
> is broken.

https://ftp.openbsd.org/pub/OpenBSD/patches/6.3/common/002_arp.patch.sig
as well.

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSD Errata: April 21st, 2018 (libtls)

Stuart Henderson
On 2018-04-21, Jan Stary <[hidden email]> wrote:

> On Apr 21 19:23:52, [hidden email] wrote:
>> On Apr 21 11:53:01, [hidden email] wrote:
>> > Errata patches for libtls have been released for OpenBSD 6.3.
>> >
>> > Additional data is inadvertently removed when private keys are cleared from
>> > TLS configuration, which can prevent OCSP from functioning correctly.
>> >
>> > Binary updates for the amd64, i386, and arm64 platforms are available via
>> > the syspatch utility. Source code patches can be found on the errata page:
>> >
>> >   https://www.openbsd.org/errata63.html
>>
>> The link to
>> https://ftp.openbsd.org/pub/OpenBSD/patches/6.3/common/003_libtls.patch.sig
>> is broken.
>
> https://ftp.openbsd.org/pub/OpenBSD/patches/6.3/common/002_arp.patch.sig
> as well.
>
>

These should be:

https://ftp.openbsd.org/pub/OpenBSD/patches/6.3/common/002_libtls.patch.sig
https://ftp.openbsd.org/pub/OpenBSD/patches/6.3/common/003_arp.patch.sig