| version 1.475, 2004/02/19 03:30:52 |
version 1.476, 2004/02/26 07:33:56 |
|
|
| <a name="all"></a> |
<a name="all"></a> |
| <h3><font color="#e00000">All architectures</font></h3> |
<h3><font color="#e00000">All architectures</font></h3> |
| <ul> |
<ul> |
| <a name="font"></a> |
<li><a name="font"></a> |
| <li><font color="#009000"><strong>012: RELIABILITY FIX: February 14, |
<font color="#009000"><strong>012: RELIABILITY FIX: February 14, |
| 2004</strong></font><br> |
2004</strong></font><br> |
| Several buffer overflows exist in the code parsing |
Several buffer overflows exist in the code parsing |
| font.aliases files in XFree86. Thanks to ProPolice, these cannot be |
font.aliases files in XFree86. Thanks to ProPolice, these cannot be |
|
|
| <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/012_font.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/012_font.patch"> |
| A source code patch exists which remedies the problem</a>.<br> |
A source code patch exists which remedies the problem</a>.<br> |
| <p> |
<p> |
| <a name="ip6"></a> |
<li><a name="ip6"></a> |
| <li><font color="#009000"><strong>011: SECURITY FIX: February 8, 2004</strong></font><br> |
<font color="#009000"><strong>011: SECURITY FIX: February 8, 2004</strong></font><br> |
| An IPv6 MTU handling problem exists that could be used by an attacker |
An IPv6 MTU handling problem exists that could be used by an attacker |
| to cause a denial of service attack against hosts with reachable IPv6 |
to cause a denial of service attack against hosts with reachable IPv6 |
| TCP ports. |
TCP ports. |
|
|
| <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/011_ip6.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/011_ip6.patch"> |
| A source code patch exists which remedies the problem</a>.<br> |
A source code patch exists which remedies the problem</a>.<br> |
| <p> |
<p> |
| <a name="sysvshm"></a> |
<li><a name="sysvshm"></a> |
| <li><font color="#009000"><strong>010: SECURITY FIX: February 5, 2004</strong></font><br> |
<font color="#009000"><strong>010: SECURITY FIX: February 5, 2004</strong></font><br> |
| A reference counting bug exists in the |
A reference counting bug exists in the |
| <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=shmat&apropos=0&sektion=2&manpath=OpenBSD+Current&format=html">shmat(2)</a> |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=shmat&apropos=0&sektion=2&manpath=OpenBSD+Current&format=html">shmat(2)</a> |
| system call that could be used by an attacker to write to kernel memory |
system call that could be used by an attacker to write to kernel memory |
|
|
| <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/010_sysvshm.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/010_sysvshm.patch"> |
| A source code patch exists which remedies the problem</a>.<br> |
A source code patch exists which remedies the problem</a>.<br> |
| <p> |
<p> |
| <a name="isakmpd"></a> |
<li><a name="isakmpd"></a> |
| <li><font color="#009000"><strong>009: SECURITY FIX: January 13, 2004</strong></font><br> |
<font color="#009000"><strong>009: SECURITY FIX: January 13, 2004</strong></font><br> |
| Several message handling flaws in |
Several message handling flaws in |
| <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=isakmpd&apropos=0&sektion=8&manpath=OpenBSD+Current&arch=i386&format=html">isakmpd(8)</a> |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=isakmpd&apropos=0&sektion=8&manpath=OpenBSD+Current&arch=i386&format=html">isakmpd(8)</a> |
| have been reported by Thomas Walpuski. These allow an attacker to delete arbitrary SAs. The patch also |
have been reported by Thomas Walpuski. These allow an attacker to delete arbitrary SAs. The patch also |
|
|
| <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/009_isakmpd.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/009_isakmpd.patch"> |
| A source code patch exists which remedies these problems</a>.<br> |
A source code patch exists which remedies these problems</a>.<br> |
| <p> |
<p> |
| <a name="sem"></a> |
<li><a name="sem"></a> |
| <li><font color="#009000"><strong>008: RELIABILITY FIX: November 20, 2003</strong></font><br> |
<font color="#009000"><strong>008: RELIABILITY FIX: November 20, 2003</strong></font><br> |
| An improper bounds check makes it possible for a local user to cause a crash |
An improper bounds check makes it possible for a local user to cause a crash |
| by passing the |
by passing the |
| <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=semctl&apropos=0&sektion=2&manpath=OpenBSD+Current&arch=i386&format=html">semctl(2)</a> and |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=semctl&apropos=0&sektion=2&manpath=OpenBSD+Current&arch=i386&format=html">semctl(2)</a> and |
|
|
| <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/008_sem.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/008_sem.patch"> |
| A source code patch exists which remedies the problem</a>.<br> |
A source code patch exists which remedies the problem</a>.<br> |
| <p> |
<p> |
| <a name="uvm"></a> |
<li><a name="uvm"></a> |
| <li><font color="#009000"><strong>007: RELIABILITY FIX: November 20, 2003</strong></font><br> |
<font color="#009000"><strong>007: RELIABILITY FIX: November 20, 2003</strong></font><br> |
| It is possible for a local user to cause a crash via |
It is possible for a local user to cause a crash via |
| <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sysctl&apropos=0&sektion=3&manpath=OpenBSD+Current&arch=i386&format=html">sysctl(3)</a> with certain arguments. |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sysctl&apropos=0&sektion=3&manpath=OpenBSD+Current&arch=i386&format=html">sysctl(3)</a> with certain arguments. |
| <br> |
<br> |
| <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/007_uvm.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/007_uvm.patch"> |
| A source code patch exists which remedies the problem</a>.<br> |
A source code patch exists which remedies the problem</a>.<br> |
| <p> |
<p> |
| <a name="exec"></a> |
<li><a name="exec"></a> |
| <li><font color="#009000"><strong>005: RELIABILITY FIX: November 4, 2003</strong></font><br> |
<font color="#009000"><strong>005: RELIABILITY FIX: November 4, 2003</strong></font><br> |
| It is possible for a local user to cause a system panic by executing a specially crafted binary with an invalid header. |
It is possible for a local user to cause a system panic by executing a specially crafted binary with an invalid header. |
| <br> |
<br> |
| <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/005_exec.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/005_exec.patch"> |
| A source code patch exists which remedies the problem</a>.<br> |
A source code patch exists which remedies the problem</a>.<br> |
| <p> |
<p> |
| <a name="httpd"></a> |
<li><a name="httpd"></a> |
| <li><font color="#009000"><strong>004: RELIABILITY FIX: November 1, 2003</strong></font><br> |
<font color="#009000"><strong>004: RELIABILITY FIX: November 1, 2003</strong></font><br> |
| A user with write permission to <tt>httpd.conf</tt> or a <tt>.htaccess</tt> |
A user with write permission to <tt>httpd.conf</tt> or a <tt>.htaccess</tt> |
| file can crash |
file can crash |
| <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=httpd&sektion=8">httpd(8)</a> |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=httpd&sektion=8">httpd(8)</a> |
|
|
| <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/004_httpd.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/004_httpd.patch"> |
| A source code patch exists which remedies the problem</a>.<br> |
A source code patch exists which remedies the problem</a>.<br> |
| <p> |
<p> |
| <a name="arp"></a> |
<li><a name="arp"></a> |
| <li><font color="#009000"><strong>003: RELIABILITY FIX: November 1, 2003</strong></font><br> |
<font color="#009000"><strong>003: RELIABILITY FIX: November 1, 2003</strong></font><br> |
| It is possible for a local user to cause a system panic by flooding it with spoofed ARP |
It is possible for a local user to cause a system panic by flooding it with spoofed ARP |
| requests.<br> |
requests.<br> |
| <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/003_arp.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/003_arp.patch"> |
| A source code patch exists which remedies the problem</a>.<br> |
A source code patch exists which remedies the problem</a>.<br> |
| <p> |
<p> |
| <a name="asn1"></a> |
<li><a name="asn1"></a> |
| <li><font color="#009000"><strong>002: SECURITY FIX: November 1, 2003</strong></font><br> |
<font color="#009000"><strong>002: SECURITY FIX: November 1, 2003</strong></font><br> |
| The use of certain ASN.1 encodings or malformed public keys may allow an |
The use of certain ASN.1 encodings or malformed public keys may allow an |
| attacker to mount a denial of service attack against applications linked with |
attacker to mount a denial of service attack against applications linked with |
| <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssl&sektion=3">ssl(3)</a>. |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssl&sektion=3">ssl(3)</a>. |
|
|
| <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/002_asn1.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/002_asn1.patch"> |
| A source code patch exists which remedies the problem</a>.<br> |
A source code patch exists which remedies the problem</a>.<br> |
| <p> |
<p> |
| <a name="cd_booklet"></a> |
<li><a name="cd_booklet"></a> |
| <li><font color="#009000"><strong>001: DOCUMENTATION FIX: November 1, 2003</strong></font><br> |
<font color="#009000"><strong>001: DOCUMENTATION FIX: November 1, 2003</strong></font><br> |
| The CD insert documentation has an incorrect example for package installation.<br> |
The CD insert documentation has an incorrect example for package installation.<br> |
| Where it is written:<p> |
Where it is written:<p> |
| <strong> |
<strong> |
![[BACK]](/icons/back.gif){kind=icon}
Return to errata.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www