version 1.541, 2005/07/23 00:47:03 |
version 1.542, 2005/10/29 17:18:27 |
|
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> |
<html> |
<html> |
<head> |
<head> |
<title>OpenBSD 3.7 errata</title> |
<title>OpenBSD 3.8 errata</title> |
<link rev=made href="mailto:www@openbsd.org"> |
<link rev=made href="mailto:www@openbsd.org"> |
<meta name="resource-type" content="document"> |
<meta name="resource-type" content="document"> |
<meta name="description" content="the OpenBSD CD errata page"> |
<meta name="description" content="the OpenBSD CD errata page"> |
|
|
|
|
<a href="index.html"><img alt="[OpenBSD]" height="30" width="141" src="images/smalltitle.gif" border="0"></a> |
<a href="index.html"><img alt="[OpenBSD]" height="30" width="141" src="images/smalltitle.gif" border="0"></a> |
<h2><font color="#0000e0"> |
<h2><font color="#0000e0"> |
This is the OpenBSD 3.7 release errata & patch list: |
This is the OpenBSD 3.8 release errata & patch list: |
|
|
</font></h2> |
</font></h2> |
|
|
|
|
<a href="errata33.html">3.3</a>, |
<a href="errata33.html">3.3</a>, |
<a href="errata34.html">3.4</a>, |
<a href="errata34.html">3.4</a>, |
<a href="errata35.html">3.5</a>, |
<a href="errata35.html">3.5</a>, |
<a href="errata36.html">3.6</a>. |
<a href="errata36.html">3.6</a>, |
|
<a href="errata37.html">3.7</a>. |
<br> |
<br> |
<hr> |
<hr> |
|
|
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.7.tar.gz"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.8.tar.gz"> |
You can also fetch a tar.gz file containing all the following patches</a>. |
You can also fetch a tar.gz file containing all the following patches</a>. |
This file is updated once a day. |
This file is updated once a day. |
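Review bot: the tarball link now points at patches/3.8.tar.gz and keeps the text "containing all the following patches", but the 3.8 list in this revision is only "None yet." Confirm that 3.8.tar.gz is already published at that FTP path, or hold the link back until the first 3.8 patch exists, so the new page does not ship with a dead download link.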
|
|
<p> The patches below are available in CVS via the |
<p> The patches below are available in CVS via the |
<code>OPENBSD_3_7</code> <a href="stable.html">patch branch</a>. |
<code>OPENBSD_3_8</code> <a href="stable.html">patch branch</a>. |
|
|
<p> |
<p> |
For more detailed information on how to install patches to OpenBSD, please |
For more detailed information on how to install patches to OpenBSD, please |
|
|
<a name="vax"></a> |
<a name="vax"></a> |
<ul> |
<ul> |
|
|
<li><a name="libz2"></a> |
<li>None yet. |
<font color="#009000"><strong>005: SECURITY FIX: July 21, 2005</strong></font> <i>All architectures</i><br> |
|
A buffer overflow has been found in |
|
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=compress&sektion=3">compress(3)</a> |
|
which may be exploitable.<br> |
|
Please note that this fixes a different buffer overflow than the <a href="#libz">previous</a> zlib patch. |
|
<br> |
|
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/005_libz.patch"> |
|
A source code patch exists which remedies this problem</a>.<br> |
|
<p> |
|
|
|
<li><a name="libz"></a> |
|
<font color="#009000"><strong>004: SECURITY FIX: July 6, 2005</strong></font> <i>All architectures</i><br> |
|
A buffer overflow has been found in |
|
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=compress&sektion=3">compress(3)</a> |
|
which may be exploitable. |
|
<br> |
|
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/004_libz.patch"> |
|
A source code patch exists which remedies this problem</a>.<br> |
|
<p> |
|
|
|
<li><a name="sudo"></a> |
|
<font color="#009000"><strong>003: SECURITY FIX: June 20, 2005</strong></font> <i>All architectures</i><br> |
|
Due to a race condition in its command pathname handling, a user with |
|
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sudo&sektion=8">sudo(8)</a> |
|
privileges may be able to run arbitrary commands if the user's entry |
|
is followed by an entry that grants <tt>sudo ALL</tt> privileges to |
|
another user. |
|
<br> |
|
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/003_sudo.patch"> |
|
A source code patch exists which remedies this problem</a>.<br> |
|
<p> |
|
|
|
<li><a name="getsockopt"></a> |
|
<font color="#009000"><strong>002: RELIABILITY FIX: June 15, 2005</strong></font> <i>All architectures</i><br> |
|
As discovered by Stefan Miltchev calling |
|
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=getsockopt&sektion=2">getsockopt(2)</a> |
|
to get |
|
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ipsec&sektion=4">ipsec(4)</a> |
|
credentials for a socket can result in a kernel panic. |
|
<br> |
|
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/002_getsockopt.patch"> |
|
A source code patch exists which remedies this problem</a>.<br> |
|
<p> |
|
|
|
<li><a name="cvs"></a> |
|
<font color="#009000"><strong>001: SECURITY FIX: June 7, 2005</strong></font> <i>All architectures</i><br> |
|
|
|
Fix a buffer overflow, memory leaks, and NULL pointer dereference in |
|
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cvs&sektion=1">cvs(1)</a> |
|
. None of these issues are known to be exploitable. |
|
<a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0753">CAN-2005-0753</a> |
|
. |
|
<br> |
|
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/001_cvs.patch"> |
|
A source code patch exists which remedies this problem</a>.<br> |
|
<p> |
|
</ul> |
</ul> |
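Review bot: replacing the list body with "&lt;li&gt;None yet." drops the named anchors libz2, libz, sudo, getsockopt and cvs from this page, so any existing link that targets this page by fragment (for example #sudo) will no longer land on an entry. Check that errata37.html, which the new navigation line links to but which is not part of this diff, carries the five 3.7 entries with the same anchor names. The 005 entry's own href="#libz" cross-reference relies on that as well.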
|
|
<br> |
<br> |
|
|
<a href="errata33.html">3.3</a>, |
<a href="errata33.html">3.3</a>, |
<a href="errata34.html">3.4</a>, |
<a href="errata34.html">3.4</a>, |
<a href="errata35.html">3.5</a>, |
<a href="errata35.html">3.5</a>, |
<a href="errata36.html">3.6</a>. |
<a href="errata36.html">3.6</a>, |
|
<a href="errata37.html">3.7</a>. |
<br> |
<br> |
|
|
<hr> |
<hr> |