version 1.475, 2004/02/19 03:30:52 |
version 1.476, 2004/02/26 07:33:56 |
|
|
<a name="all"></a> |
<a name="all"></a> |
<h3><font color="#e00000">All architectures</font></h3> |
<h3><font color="#e00000">All architectures</font></h3> |
<ul> |
<ul> |
<a name="font"></a> |
<li><a name="font"></a> |
<li><font color="#009000"><strong>012: RELIABILITY FIX: February 14, |
<font color="#009000"><strong>012: RELIABILITY FIX: February 14, |
2004</strong></font><br> |
2004</strong></font><br> |
Several buffer overflows exist in the code parsing |
Several buffer overflows exist in the code parsing |
font.aliases files in XFree86. Thanks to ProPolice, these cannot be |
font.aliases files in XFree86. Thanks to ProPolice, these cannot be |
|
|
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/012_font.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/012_font.patch"> |
A source code patch exists which remedies the problem</a>.<br> |
A source code patch exists which remedies the problem</a>.<br> |
<p> |
<p> |
<a name="ip6"></a> |
<li><a name="ip6"></a> |
<li><font color="#009000"><strong>011: SECURITY FIX: February 8, 2004</strong></font><br> |
<font color="#009000"><strong>011: SECURITY FIX: February 8, 2004</strong></font><br> |
An IPv6 MTU handling problem exists that could be used by an attacker |
An IPv6 MTU handling problem exists that could be used by an attacker |
to cause a denial of service attack against hosts with reachable IPv6 |
to cause a denial of service attack against hosts with reachable IPv6 |
TCP ports. |
TCP ports. |
|
|
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/011_ip6.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/011_ip6.patch"> |
A source code patch exists which remedies the problem</a>.<br> |
A source code patch exists which remedies the problem</a>.<br> |
<p> |
<p> |
<a name="sysvshm"></a> |
<li><a name="sysvshm"></a> |
<li><font color="#009000"><strong>010: SECURITY FIX: February 5, 2004</strong></font><br> |
<font color="#009000"><strong>010: SECURITY FIX: February 5, 2004</strong></font><br> |
A reference counting bug exists in the |
A reference counting bug exists in the |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=shmat&apropos=0&sektion=2&manpath=OpenBSD+Current&format=html">shmat(2)</a> |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=shmat&apropos=0&sektion=2&manpath=OpenBSD+Current&format=html">shmat(2)</a> |
system call that could be used by an attacker to write to kernel memory |
system call that could be used by an attacker to write to kernel memory |
|
|
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/010_sysvshm.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/010_sysvshm.patch"> |
A source code patch exists which remedies the problem</a>.<br> |
A source code patch exists which remedies the problem</a>.<br> |
<p> |
<p> |
<a name="isakmpd"></a> |
<li><a name="isakmpd"></a> |
<li><font color="#009000"><strong>009: SECURITY FIX: January 13, 2004</strong></font><br> |
<font color="#009000"><strong>009: SECURITY FIX: January 13, 2004</strong></font><br> |
Several message handling flaws in |
Several message handling flaws in |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=isakmpd&apropos=0&sektion=8&manpath=OpenBSD+Current&arch=i386&format=html">isakmpd(8)</a> |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=isakmpd&apropos=0&sektion=8&manpath=OpenBSD+Current&arch=i386&format=html">isakmpd(8)</a> |
have been reported by Thomas Walpuski. These allow an attacker to delete arbitrary SAs. The patch also |
have been reported by Thomas Walpuski. These allow an attacker to delete arbitrary SAs. The patch also |
|
|
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/009_isakmpd.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/009_isakmpd.patch"> |
A source code patch exists which remedies these problems</a>.<br> |
A source code patch exists which remedies these problems</a>.<br> |
<p> |
<p> |
<a name="sem"></a> |
<li><a name="sem"></a> |
<li><font color="#009000"><strong>008: RELIABILITY FIX: November 20, 2003</strong></font><br> |
<font color="#009000"><strong>008: RELIABILITY FIX: November 20, 2003</strong></font><br> |
An improper bounds check makes it possible for a local user to cause a crash |
An improper bounds check makes it possible for a local user to cause a crash |
by passing the |
by passing the |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=semctl&apropos=0&sektion=2&manpath=OpenBSD+Current&arch=i386&format=html">semctl(2)</a> and |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=semctl&apropos=0&sektion=2&manpath=OpenBSD+Current&arch=i386&format=html">semctl(2)</a> and |
|
|
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/008_sem.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/008_sem.patch"> |
A source code patch exists which remedies the problem</a>.<br> |
A source code patch exists which remedies the problem</a>.<br> |
<p> |
<p> |
<a name="uvm"></a> |
<li><a name="uvm"></a> |
<li><font color="#009000"><strong>007: RELIABILITY FIX: November 20, 2003</strong></font><br> |
<font color="#009000"><strong>007: RELIABILITY FIX: November 20, 2003</strong></font><br> |
It is possible for a local user to cause a crash via |
It is possible for a local user to cause a crash via |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sysctl&apropos=0&sektion=3&manpath=OpenBSD+Current&arch=i386&format=html">sysctl(3)</a> with certain arguments. |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sysctl&apropos=0&sektion=3&manpath=OpenBSD+Current&arch=i386&format=html">sysctl(3)</a> with certain arguments. |
<br> |
<br> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/007_uvm.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/007_uvm.patch"> |
A source code patch exists which remedies the problem</a>.<br> |
A source code patch exists which remedies the problem</a>.<br> |
<p> |
<p> |
<a name="exec"></a> |
<li><a name="exec"></a> |
<li><font color="#009000"><strong>005: RELIABILITY FIX: November 4, 2003</strong></font><br> |
<font color="#009000"><strong>005: RELIABILITY FIX: November 4, 2003</strong></font><br> |
It is possible for a local user to cause a system panic by executing a specially crafted binary with an invalid header. |
It is possible for a local user to cause a system panic by executing a specially crafted binary with an invalid header. |
<br> |
<br> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/005_exec.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/005_exec.patch"> |
A source code patch exists which remedies the problem</a>.<br> |
A source code patch exists which remedies the problem</a>.<br> |
<p> |
<p> |
<a name="httpd"></a> |
<li><a name="httpd"></a> |
<li><font color="#009000"><strong>004: RELIABILITY FIX: November 1, 2003</strong></font><br> |
<font color="#009000"><strong>004: RELIABILITY FIX: November 1, 2003</strong></font><br> |
A user with write permission to <tt>httpd.conf</tt> or a <tt>.htaccess</tt> |
A user with write permission to <tt>httpd.conf</tt> or a <tt>.htaccess</tt> |
file can crash |
file can crash |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=httpd&sektion=8">httpd(8)</a> |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=httpd&sektion=8">httpd(8)</a> |
|
|
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/004_httpd.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/004_httpd.patch"> |
A source code patch exists which remedies the problem</a>.<br> |
A source code patch exists which remedies the problem</a>.<br> |
<p> |
<p> |
<a name="arp"></a> |
<li><a name="arp"></a> |
<li><font color="#009000"><strong>003: RELIABILITY FIX: November 1, 2003</strong></font><br> |
<font color="#009000"><strong>003: RELIABILITY FIX: November 1, 2003</strong></font><br> |
It is possible for a local user to cause a system panic by flooding it with spoofed ARP |
It is possible for a local user to cause a system panic by flooding it with spoofed ARP |
requests.<br> |
requests.<br> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/003_arp.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/003_arp.patch"> |
A source code patch exists which remedies the problem</a>.<br> |
A source code patch exists which remedies the problem</a>.<br> |
<p> |
<p> |
<a name="asn1"></a> |
<li><a name="asn1"></a> |
<li><font color="#009000"><strong>002: SECURITY FIX: November 1, 2003</strong></font><br> |
<font color="#009000"><strong>002: SECURITY FIX: November 1, 2003</strong></font><br> |
The use of certain ASN.1 encodings or malformed public keys may allow an |
The use of certain ASN.1 encodings or malformed public keys may allow an |
attacker to mount a denial of service attack against applications linked with |
attacker to mount a denial of service attack against applications linked with |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssl&sektion=3">ssl(3)</a>. |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssl&sektion=3">ssl(3)</a>. |
|
|
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/002_asn1.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/002_asn1.patch"> |
A source code patch exists which remedies the problem</a>.<br> |
A source code patch exists which remedies the problem</a>.<br> |
<p> |
<p> |
<a name="cd_booklet"></a> |
<li><a name="cd_booklet"></a> |
<li><font color="#009000"><strong>001: DOCUMENTATION FIX: November 1, 2003</strong></font><br> |
<font color="#009000"><strong>001: DOCUMENTATION FIX: November 1, 2003</strong></font><br> |
The CD insert documentation has an incorrect example for package installation.<br> |
The CD insert documentation has an incorrect example for package installation.<br> |
Where it is written:<p> |
Where it is written:<p> |
<strong> |
<strong> |