OpenBSD release errata

=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/errata.html,v retrieving revision 1.231 retrieving revision 1.232 diff -c -r1.231 -r1.232 *** www/errata.html 2000/05/16 20:28:59 1.231 --- www/errata.html 2000/05/19 20:04:52 1.232 *************** *** 1,7 **** ! OpenBSD release errata --- 1,7 ---- ! OpenBSD 2.7 errata *************** *** 14,20 ****

! This is the OpenBSD 2.6 release errata & patch list:

--- 14,20 ----

! This is the OpenBSD 2.7 release errata & patch list:

*************** *** 24,32 **** For 2.3 errata, please refer here.
For 2.4 errata, please refer here.
For 2.5 errata, please refer here.

! You can also fetch a tar.gz file containing all the following patches. This file is updated once a day. --- 24,33 ---- For 2.3 errata, please refer here.
For 2.4 errata, please refer here.
For 2.5 errata, please refer here.
+ For 2.6 errata, please refer here.

! You can also fetch a tar.gz file containing all the following patches. This file is updated once a day. *************** *** 36,175 ****

All architectures

021: RZSZ SNOOPING: Jan 31, 2000
! The rzsz port was removed from the ports collection, as it collects and ! sends user information to a designated email address, effectively spying on ! you. It is recommended that you remove this package if you installed ! it. !
! !
020: LIBRARY IMPROVEMENT: Jan 26, 2000
! syslog(3) would not try to reopen the socket, thus, nightly newsyslog(8) ! would cause syslogd(8) to not see new messages. ! ! A source code patch exists, which remedies this problem. !
! !
019: DRIVER IMPROVEMENT: Jan 20, 2000
! Intel fxp cards with National Semiconductor PHYs (nsphy) have trouble ! negotiating and maintaining 100Mb link integrity.
! ! A source code patch exists, which remedies this problem. !
! !
018: SECURITY FIX: Jan 20, 2000
! Systems running with procfs enabled and mounted are vulnerable ! to having the stderr output of setuid processes directed onto ! a pre-seeked descriptor onto the stack in their own procfs memory.
! Note that procfs is not mounted by default in OpenBSD.
! ! A source code patch exists, which remedies this problem. !
! !
015: Y2K FIX: Jan 9, 2000
! The at(1) command was unable to parse some kinds of dates.
! ! A source code patch exists, which remedies this problem. !
! !
013: Y2K FIX: Jan 3, 2000
! A minor problem in the logging support for the adduser(8) command.
! ! A source code patch exists, which remedies this problem. !
! !
012: DRIVER IMPROVEMENT: Jan 3, 2000
! The 3C900B-TPO fails to select the correct media type (it never sees or ! sends packets).
! ! A source code patch exists, which remedies this problem. !
! !
011: SECURITY FIX: Dec 4, 1999
! Various bugs in poll(2) may cause a kernel crash.
! ! A source code patch exists, which remedies this problem. !
! !
010: SECURITY FIX: Dec 4, 1999
! Sendmail had a race in aliases file handling, which this patch fixes.
! ! A source code patch exists, which remedies this problem. !
! !
009: DRIVER IMPROVEMENTS: Dec 4, 1999
! Various improvements have been made to the IDE/ATAPI subsystem since ! the 2.6 release shipped.
! Some of these improvements make some recalcitrant devices work much better. !
! Revision 1 of this jumbo source code patch exists.
!
! !
016: SECURITY FIX: Dec 2, 1999
! A buffer overflow in the RSAREF code included in the ! USA version of the libssl package (called sslUSA, is ! possibly exploitable in isakmpd if SSL/RSA features ! are enabled or used.
! OpenSSH and httpd (with -DSSL) are not ! vulnerable.
! NOTE: International users using the ssl26 package are not affected. !
! To check what package you are using, use !
```
! # pkg_info sslUSA26
! 
```
! The patched library says:
! "ssl26.1 USA-only non-commercial crypto libs incl. SSL & RSA" !
! Non-commercial USA users who installed the ssl package before December 3 ! should upgrade their sslUSA26 package using:
!
```
! # pkg_delete sslUSA26
! # pkg_add -v sslUSA26.tar.gz
! 
```
! Using the new sslUSA26.tar.gz files which have been placed ! on the FTP mirrors.
! For more information, see the advisory.
! NOTE: this problem turned out to not be unexploitable in OpenSSH. !
! !
017: FUNCTIONALITY ADDITION: Nov 14, 1999
! Fortran doesn't work right. The file /usr/include/g2c.h is missing in the ! release.
! ! A source code patch exists which remedies this problem.
! The patch fixes the source tree and describes how to properly add ! ! the include file to your system. !
! !
005: FUNCTIONALITY ADDITION: Nov 11, 1999
! Various OpenSSH improvements have been made since the 2.6 release shipped.
! To resolve the various (non-security related) features which users may want, ! we are making a jumbo patch available. This is now at VERSION FOUR.
! ! Revision 4 of this jumbo source code patch exists.
! NOTE: /etc/sshd_config and /etc/ssh_config may need changes. !
! !
003: FUNCTIONALITY FIX: Nov 10, 1999
! m4 is quite broken in the 2.6 release.
! ! The 3rd version of the source code patch exists, which remedies this problem. !
! !
002: SECURITY FIX: Nov 9, 1999
! Any user can change interface media configurations.
! ! A source code patch exists which remedies this problem. !
! !
001: RELIABILITY FIX: Nov 8, 1999
! A race condition in newsyslog(8) can cause errors in log file rotation.
! ! A source code patch exists which remedies this problem. !

--- 37,43 ----

All architectures

No problems identified yet.

*************** *** 181,221 ****

mac68k

007: RELIABILITY FIX: Nov 12, 1999
! All m68k kernels can possibly be crashed by a user.
! ! A source code patch exists which remedies this problem. !

sparc

014: Y2K FIX: Jan 3, 2000
! A minor problem; the sparc eeprom(8) command is not Y2K compliant.
! ! Revision 2 of the source code patch exists, which remedies this problem. !
! !
004: RELIABILITY FIX: Nov 12, 1999
! The sparc kernel can be crashed by a user.
! ! A source code patch exists which remedies this problem. !

amiga

007: RELIABILITY FIX: Nov 12, 1999
! All m68k kernels can possibly be crashed by a user.
! ! A source code patch exists which remedies this problem. !

--- 49,67 ----

mac68k

No problems identified yet.

sparc

No problems identified yet.

amiga

No problems identified yet.

*************** *** 233,266 ****

alpha

006: RELIABILITY FIX: Nov 13, 1999
! The alpha kernel can possibly be crashed by a user.
! ! A source code patch exists which remedies this problem. !

hp300

007: RELIABILITY FIX: Nov 12, 1999
! All m68k kernels can possibly be crashed by a user.
! ! A source code patch exists which remedies this problem. !

mvme68k

007: RELIABILITY FIX: Nov 12, 1999
! All m68k kernels can possibly be crashed by a user.
! ! A source code patch exists which remedies this problem. !

--- 79,97 ----

alpha

No problems identified yet.

hp300

No problems identified yet.

mvme68k

No problems identified yet.

*************** *** 278,288 **** For 2.3 errata, please refer here.
For 2.4 errata, please refer here.
For 2.5 errata, please refer here.

www@openbsd.org !
$OpenBSD: errata.html,v 1.231 2000/05/16 20:28:59 deraadt Exp $ --- 109,120 ---- For 2.3 errata, please refer here.
For 2.4 errata, please refer here.
For 2.5 errata, please refer here.
+ For 2.6 errata, please refer here.

www@openbsd.org !
$OpenBSD: errata.html,v 1.232 2000/05/19 20:04:52 deraadt Exp $