| version 1.360, 2001/11/13 18:50:12 |
version 1.361, 2001/11/14 01:38:00 |
|
|
| <a name=all></a> |
<a name=all></a> |
| <li><h3><font color=#e00000>All architectures</font></h3> |
<li><h3><font color=#e00000>All architectures</font></h3> |
| <ul> |
<ul> |
| <a name=hosts> |
<a name=vi.recover> |
| <li><font color=#009000><strong>001: INSTALL ISSUE: November 12, 2001</strong></font><br> |
<li><font color=#009000><strong>007: SECURITY FIX: November 13, 2001</strong></font><br> |
| A small bug in the installation script causes the <tt>/etc/hosts</tt> file to |
A security issue exists in the vi.recover script that may allow an attacker |
| be incorrectly formed.<br> |
to remove arbitrary zero-length files, regardless of ownership. |
| The resulting file contains a line which reads like:<p> |
<br> |
| <tt> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.0/common/007_recover.patch">A source code patch exists which remedies the problem</a>. |
| #.#.#.# hostname. hostname |
|
| </tt> |
|
| <p> |
<p> |
| This line should actually read something like:<p> |
<a name=pf> |
| <tt> |
<li><font color=#009000><strong>006: SECURITY FIX: November 13, 2001</strong></font> |
| #.#.#.# hostname.domainname.com hostname |
<br> |
| </tt> |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a> |
| |
was incapable of dealing with certain ipv6 icmp packets, resulting in a crash. |
| |
<br> |
| |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.0/common/006_pf.patch">A source code patch exists which remedies the problem</a>. |
| <p> |
<p> |
| To correct this problem, simply edit the file and insert the domainname in |
|
| the required place. |
|
| <p> |
|
| <a name=sshd> |
<a name=sshd> |
| <li><font color=#009000><strong>002: SECURITY FIX: November 12, 2001</strong></font><br> |
<li><font color=#009000><strong>002: SECURITY FIX: November 12, 2001</strong></font><br> |
| <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a> |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a> |
|
|
| Effectively an upgrade of OpenSSH 3.0 to OpenSSH 3.0.1, |
Effectively an upgrade of OpenSSH 3.0 to OpenSSH 3.0.1, |
| <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.0/common/002_ssh.patch">a source code patch exists which remedies these problems</a>. |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.0/common/002_ssh.patch">a source code patch exists which remedies these problems</a>. |
| <p> |
<p> |
| <a name=pf> |
<a name=hosts> |
| <li><font color=#009000><strong>006: SECURITY FIX: November 13, 2001</strong></font> |
<li><font color=#009000><strong>001: INSTALL ISSUE: November 12, 2001</strong></font><br> |
| <br> |
A small bug in the installation script causes the <tt>/etc/hosts</tt> file to |
| <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a> |
be incorrectly formed.<br> |
| was incapable of dealing with certain ipv6 icmp packets, resulting in a crash. |
The resulting file contains a line which reads like:<p> |
| <br> |
<tt> |
| <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.0/common/006_pf.patch">A source code patch exists which remedies the problem</a>. |
#.#.#.# hostname. hostname |
| |
</tt> |
| |
<p> |
| |
This line should actually read something like:<p> |
| |
<tt> |
| |
#.#.#.# hostname.domainname.com hostname |
| |
</tt> |
| |
<p> |
| |
To correct this problem, simply edit the file and insert the domainname in |
| |
the required place. |
| <p> |
<p> |
| </ul> |
</ul> |
| <p> |
<p> |
![[BACK]](/icons/back.gif){kind=icon}
Return to errata.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www