===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata.html,v
retrieving revision 1.197
retrieving revision 1.198
diff -c -r1.197 -r1.198
*** www/errata.html 1999/09/26 13:00:42 1.197
--- www/errata.html 1999/11/09 09:00:34 1.198
***************
*** 14,20 ****
! This is the OpenBSD 2.5 release errata & patch list:
--- 14,20 ----
! This is the OpenBSD 2.6 release errata & patch list:
***************
*** 23,31 ****
For 2.2 errata, please refer here.
For 2.3 errata, please refer here.
For 2.4 errata, please refer here.
!
You can also fetch a tar.gz file containing all the following patches.
This file is updated once a day.
--- 23,32 ----
For 2.2 errata, please refer here.
For 2.3 errata, please refer here.
For 2.4 errata, please refer here.
+ For 2.5 errata, please refer here.
!
You can also fetch a tar.gz file containing all the following patches.
This file is updated once a day.
***************
*** 36,128 ****
All architectures
! - SECURITY FIX: Aug 30, 1999
! In cron(8), make sure argv[] is NULL terminated in the fake popen() and
! run sendmail as the user, not as root.
!
A source code patch exists which remedies this problem.
-
-
- SECURITY FIX: Aug 12, 1999
- The procfs and fdescfs filesystems had an overrun in their handling
- of uio_offset in their readdir() routines. (These filesystems are not
- enabled by default).
-
- A source code patch exists which remedies this problem.
-
-
-
- SECURITY FIX: Aug 9, 1999
- Stop profiling (see profil(2)) when we execve() a new process.
-
- A source code patch exists which remedies this problem.
-
-
-
- SECURITY FIX: Aug 6, 1999
- Packets that should have been handled by IPsec may be transmitted
- as cleartext. PF_KEY SA expirations may leak kernel resources.
-
- A source code patch exists which remedies this problem.
-
-
-
- SECURITY FIX: Aug 5, 1999
- In /etc/rc, use mktemp(1) for motd re-writing, and change the find(1)
- to use -execdir.
-
- A source code patch exists which remedies this problem.
-
-
-
- SECURITY FIX: Jul 30, 1999
- Do not permit regular users to chflags(2) or fchflags(2) on character or
- block devices which they may currently be the owner of.
-
- A source code patch exists which remedies this problem.
-
-
-
- SECURITY FIX: Jul 27, 1999
- Cause groff(1) to be invoked with the -S flag, when called by nroff(1),
- to avoid various groff features which may be security issues. On the
- whole, this is not really a security issue, but it was discussed on
- BUGTRAQ as if it is.
-
- A source code patch exists which remedies this problem.
-
-
-
- RELIABILITY FIX: May 19, 1999
- Programs using fts(3) could dump core when given a directory structure
- with a very large number of entries.
-
- A source code patch exists which remedies this problem.
-
-
-
- RELIABILITY FIX: May 19, 1999
- Sequence numbers could wrap with TCP_SACK and TCP_NEWRENO, resulting in
- failure to retransmit correctly.
-
- A source code patch exists which remedies this problem.
-
-
-
- RELIABILITY FIX
- Retransmitted TCP packets could get corrupted when flowing over an
- IPSEC ESP tunnel.
-
- A source code patch exists which remedies this problem.
-
-
-
- RELIABILITY FIX
- A local user can crash the system by reading a file larger than 64meg
- from an ext2fs partition.
-
- A source code patch exists which remedies this problem.
-
-
-
- RELIABILITY FIX
- PF_KEY socket operations leak internal kernel resources, so that a
- system running an IPsec keymanagement daemon like photurisd or isakmpd
- will cause the networking subsystem to stop working after a finite amount
- of time.
-
- A source code patch exists which remedies this problem.
--- 37,47 ----
All architectures
***************
*** 134,147 ****
mac68k
--- 53,59 ----
mac68k
! - No problems identified yet.
***************
*** 189,201 ****
powerpc
--- 101,107 ----
powerpc
! - No problems identified yet.
***************
*** 206,216 ****
For 2.2 errata, please refer here.
For 2.3 errata, please refer here.
For 2.4 errata, please refer here.
www@openbsd.org
!
$OpenBSD: errata.html,v 1.197 1999/09/26 13:00:42 deraadt Exp $