Four updates for OpenBSD
The developers of OpenBSD have released updates to remove four vulnerabilities. An error in the ISAKMP service, for example, can under certain circumstances related to the negotiating of SAs lead to IPSec working without replay protection. An attacker could then resend intercepted packets back into the connection without the service noticing the inappropriate sequence numbers.
There is also another problem in the kernel: too many allocated semaphores provoking a kernel panic. The updates also close a hole in the DHCP server acknowledged three weeks ago as well as a DoS vulnerability in Sendmail. OpenBSD 3.8 and 3.9 are affected.
- OpenBSD 3.9 release errata & patch list from openbsd.org
(ehe)