The patches below are available in CVS via the
-OPENBSD_3_5patch branch.
+OPENBSD_3_6patch branch.
For more detailed information on how to install patches to OpenBSD, please
@@ -56,228 +57,9 @@
All architectures
-
-020: SECURITY FIX: September 20, 2004
-Eilko Bos reported that radius authentication, as implemented by
-login_radius(8),
-was not checking the shared secret used for replies sent by the radius server.
-This could allow an attacker to spoof a reply granting access to the
-attacker. Note that OpenBSD does not ship with radius authentication enabled.
-
-
-A source code patch exists which remedies this problem.
-
-
-019: SECURITY FIX: September 16, 2004
-Chris Evans reported several flaws (stack and integer overflows) in the
-Xpm
-library code that parses image files
-(CAN-2004-0687,
-CAN-2004-0688).
-Some of these would be exploitable when parsing malicious image files in
-an application that handles XPM images, if they could escape ProPolice.
-
-
-A source code patch exists which remedies this problem.
-
-
-018: SECURITY FIX: September 10, 2004
-httpd(8)
-'s mod_rewrite module can be made to write one zero byte in an arbitrary memory
-position outside of a char array, causing a DoS or possibly buffer overflows.
-This would require enabling dbm for mod_rewrite and making use of a malicious
-dbm file.
-
-
-A source code patch exists which remedies this problem.
-
-014: RELIABILITY FIX: July 25, 2004
-Under a certain network load the kernel can run out of stack space. This was
-encountered in an environment using CARP on a VLAN interface. This issue initially
-manifested itself as a FPU related crash on boot up.
-
-
-A source code patch exists which remedies this problem.
-
-011: SECURITY FIX: June 9, 2004
-Multiple remote vulnerabilities have been found in the
-cvs(1)
-server that allow an attacker to crash the server or possibly execute arbitrary
-code with the same privileges as the CVS server program.
-
-
-A source code patch exists which remedies this problem.
-
-
-010: RELIABILITY FIX: June 9, 2004
-A FIFO bug was introduced in OpenBSD 3.5 that occurs when a FIFO is opened in
-non-blocking mode for writing when there are no processes reading the FIFO.
-One program affected by this is the qmail
-mail server which could go into an infinite loop and consume all CPU.
-
-
-A source code patch exists which remedies this problem.
-
-
-009: SECURITY FIX: May 30,
-2004
-A flaw in the Kerberos V kdc(8)
-server could result in the administrator of a Kerberos realm having
-the ability to impersonate any principal in any other realm which
-has established a cross-realm trust with their realm. The flaw is due to
-inadequate checking of the "transited" field in a Kerberos request. For
-more details see
-Heimdal's announcement.
-
-
-A source code patch exists which remedies this problem.
-
-
-008: SECURITY FIX: May 26,
-2004
-With the introduction of IPv6 code in
-xdm(1),
-one test on the 'requestPort' resource was deleted by accident. This
-makes xdm create the chooser socket even if xdmcp is disabled in
-xdm-config, by setting requestPort to 0. See
-XFree86
-bugzilla for details.
-
-
-A source code patch exists which remedies this problem.
-
-
-007: SECURITY FIX: May 20,
-2004
-A heap overflow in the
-cvs(1)
-server has been discovered that can be exploited by clients sending
-malformed requests, enabling these clients to run arbitrary code
-with the same privileges as the CVS server program.
-
-
-A source code patch exists which remedies this problem.
-
-002: SECURITY FIX: May 5,
-2004
-Pathname validation problems have been found in
-cvs(1),
-allowing malicious clients to create files outside the repository, allowing
-malicious servers to overwrite files outside the local CVS tree on
-the client and allowing clients to check out files outside the CVS
-repository.
-
-
-A source code patch exists which remedies this problem.
-
-
-
-
-
i386
-
No problems identified yet.
+
alpha
@@ -297,36 +79,42 @@
No problems identified yet.
-
-
mac68k
+
+
hp300
No problems identified yet.
-
-
sparc
+
+
hppa
No problems identified yet.
-
-
sparc64
+
+
i386
No problems identified yet.
-
-
hppa
+
+
luna88k
No problems identified yet.
-
-
hp300
+
+
mac68k
No problems identified yet.
+
+
macppc
+
+
No problems identified yet.
+
+
mvme68k
@@ -339,15 +127,16 @@
No problems identified yet.
-
-
macppc
+
+
sparc
-
-001: BROKEN PACKAGE ON CD: May 4, 2004
-The powerpc autobook-1.3.tgz package found on CD2 has been found to be corrupt,
-and will not extract.
-A replacement package can be found on the ftp sites.
+