Subject: DoS bugs in OpenSSL

The use of certain ASN.1 encodings or malformed public keys may
allow an attacker to mount a denial of service attack against
applications linked with ssl(3).  This does not affect OpenSSH.

For full details, please see the OpenSSL advisory:
    http://www.openssl.org/news/secadv_20030930.txt

A fix has been committed to the OpenBSD 3.2 and 3.3 -stable
branches.  Patches are also available for OpenBSD 3.2 and 3.3.

Patch for OpenBSD 3.2:
    ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.2/common/020_asn1.patch

Patch for OpenBSD 3.3:
    ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.3/common/007_asn1.patch