| version 1.541, 2005/07/23 00:47:03 |
version 1.542, 2005/10/29 17:18:27 |
|
|
| <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> |
| <html> |
<html> |
| <head> |
<head> |
| <title>OpenBSD 3.7 errata</title> |
<title>OpenBSD 3.8 errata</title> |
| <link rev=made href="mailto:www@openbsd.org"> |
<link rev=made href="mailto:www@openbsd.org"> |
| <meta name="resource-type" content="document"> |
<meta name="resource-type" content="document"> |
| <meta name="description" content="the OpenBSD CD errata page"> |
<meta name="description" content="the OpenBSD CD errata page"> |
|
|
| |
|
| <a href="index.html"><img alt="[OpenBSD]" height="30" width="141" src="images/smalltitle.gif" border="0"></a> |
<a href="index.html"><img alt="[OpenBSD]" height="30" width="141" src="images/smalltitle.gif" border="0"></a> |
| <h2><font color="#0000e0"> |
<h2><font color="#0000e0"> |
| This is the OpenBSD 3.7 release errata & patch list: |
This is the OpenBSD 3.8 release errata & patch list: |
| |
|
| </font></h2> |
</font></h2> |
| |
|
|
|
| <a href="errata33.html">3.3</a>, |
<a href="errata33.html">3.3</a>, |
| <a href="errata34.html">3.4</a>, |
<a href="errata34.html">3.4</a>, |
| <a href="errata35.html">3.5</a>, |
<a href="errata35.html">3.5</a>, |
| <a href="errata36.html">3.6</a>. |
<a href="errata36.html">3.6</a>, |
| |
<a href="errata37.html">3.7</a>. |
| <br> |
<br> |
| <hr> |
<hr> |
| |
|
| <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.7.tar.gz"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.8.tar.gz"> |
| You can also fetch a tar.gz file containing all the following patches</a>. |
You can also fetch a tar.gz file containing all the following patches</a>. |
| This file is updated once a day. |
This file is updated once a day. |
| |
|
| <p> The patches below are available in CVS via the |
<p> The patches below are available in CVS via the |
| <code>OPENBSD_3_7</code> <a href="stable.html">patch branch</a>. |
<code>OPENBSD_3_8</code> <a href="stable.html">patch branch</a>. |
| |
|
| <p> |
<p> |
| For more detailed information on how to install patches to OpenBSD, please |
For more detailed information on how to install patches to OpenBSD, please |
|
|
| <a name="vax"></a> |
<a name="vax"></a> |
| <ul> |
<ul> |
| |
|
| <li><a name="libz2"></a> |
<li>None yet. |
| <font color="#009000"><strong>005: SECURITY FIX: July 21, 2005</strong></font> <i>All architectures</i><br> |
|
| A buffer overflow has been found in |
|
| <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=compress&sektion=3">compress(3)</a> |
|
| which may be exploitable.<br> |
|
| Please note that this fixes a different buffer overflow than the <a href="#libz">previous</a> zlib patch. |
|
| <br> |
|
| <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/005_libz.patch"> |
|
| A source code patch exists which remedies this problem</a>.<br> |
|
| <p> |
|
| |
|
| <li><a name="libz"></a> |
|
| <font color="#009000"><strong>004: SECURITY FIX: July 6, 2005</strong></font> <i>All architectures</i><br> |
|
| A buffer overflow has been found in |
|
| <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=compress&sektion=3">compress(3)</a> |
|
| which may be exploitable. |
|
| <br> |
|
| <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/004_libz.patch"> |
|
| A source code patch exists which remedies this problem</a>.<br> |
|
| <p> |
|
| |
|
| <li><a name="sudo"></a> |
|
| <font color="#009000"><strong>003: SECURITY FIX: June 20, 2005</strong></font> <i>All architectures</i><br> |
|
| Due to a race condition in its command pathname handling, a user with |
|
| <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sudo&sektion=8">sudo(8)</a> |
|
| privileges may be able to run arbitrary commands if the user's entry |
|
| is followed by an entry that grants <tt>sudo ALL</tt> privileges to |
|
| another user. |
|
| <br> |
|
| <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/003_sudo.patch"> |
|
| A source code patch exists which remedies this problem</a>.<br> |
|
| <p> |
|
| |
|
| <li><a name="getsockopt"></a> |
|
| <font color="#009000"><strong>002: RELIABILITY FIX: June 15, 2005</strong></font> <i>All architectures</i><br> |
|
| As discovered by Stefan Miltchev calling |
|
| <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=getsockopt&sektion=2">getsockopt(2)</a> |
|
| to get |
|
| <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ipsec&sektion=4">ipsec(4)</a> |
|
| credentials for a socket can result in a kernel panic. |
|
| <br> |
|
| <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/002_getsockopt.patch"> |
|
| A source code patch exists which remedies this problem</a>.<br> |
|
| <p> |
|
| |
|
| <li><a name="cvs"></a> |
|
| <font color="#009000"><strong>001: SECURITY FIX: June 7, 2005</strong></font> <i>All architectures</i><br> |
|
| |
|
| Fix a buffer overflow, memory leaks, and NULL pointer dereference in |
|
| <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cvs&sektion=1">cvs(1)</a> |
|
| . None of these issues are known to be exploitable. |
|
| <a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0753">CAN-2005-0753</a> |
|
| . |
|
| <br> |
|
| <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/001_cvs.patch"> |
|
| A source code patch exists which remedies this problem</a>.<br> |
|
| <p> |
|
| </ul> |
</ul> |
| |
|
| <br> |
<br> |
|
|
| <a href="errata33.html">3.3</a>, |
<a href="errata33.html">3.3</a>, |
| <a href="errata34.html">3.4</a>, |
<a href="errata34.html">3.4</a>, |
| <a href="errata35.html">3.5</a>, |
<a href="errata35.html">3.5</a>, |
| <a href="errata36.html">3.6</a>. |
<a href="errata36.html">3.6</a>, |
| |
<a href="errata37.html">3.7</a>. |
| <br> |
<br> |
| |
|
| <hr> |
<hr> |
![[BACK]](/icons/back.gif){kind=icon}
Return to errata.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www