![[OpenBSD]](images/smalltitle.gif)
All architectures
-
-
-
- SECURITY FIX
-An exploitable buffer mismanagement exists in a subroutine used by -lprm and lpd. The problem is exploitable by users on a particular -machine if there is an entry in /etc/printcap which -points at a remote printer. - -A patch is available which corrects this behaviour. + - No problems identified yet.
- SECURITY FIX
-A DNS-based vulnerability exists when uucpd is used. By default uucpd -is not enabled in the OpenBSD releases, but some sites may have enabled it. - -A patch is available which corrects this behaviour. - - SECURITY FIX
-A vulnerability exists when (and only when) /etc/named.conf has the -fake-iquery option enabled. - -A patch is available which corrects this behaviour. - - SECURITY FIX
-A vulnerability exists in ping(8); if the -R option is used to record -routes, an attacker can spoof a reply packet that will overflow inside -ping. Preliminary investigation makes it look the worst attack -possible is to make ping crash, but one never knows... - -A patch is available which corrects this behaviour. - - SECURITY FIX
-If the sysctl variable net.inet.ip.forwarding is -enabled (value 1), but the variable net.inet.ip.sourceroute -is disabled (value 0), the kernel will block source routed packets from -going through, but will still accept source routing packets destined for -itself. Our fix changes the net.inet.ip.sourceroute -variable semantics to mean that all source routed packets should -be blocked completely. - -A kernel patch is provided. - - SECURITY FIX
-A combination localhost+remote host security problem exists if a -local user running a setuid binary causes a non-existant root .rhosts -file to be created via a symbolic link with a specific kind of corefile, -and then subsequently uses rsh/rlogin to enter the machine from remote. -A similar exploit might also be possible using sshd which lacks any code -for checking for deviations from the expected format in the .rhosts or -.shosts files, but we have not confirmed this yet. The following two -fixes are recommended: --
-
-
-
-
-(1) A kernel patch which adds a new sysctl option which permits the
-administrator to decide whether setuid corefiles should be written or not.
-
-
- -(2) Replaces the libc ruserok() function with a more paranoid -version which detects bogus looking .rhosts files better.
-If the -first patch is used to stop setuid coredumps, then the second patch is -not as important. -This problem is fixed much better in OpenBSD-current, where the kernel's -symbolic link handling has been improved such that coredumping will not -create a file on the other side of a symbolic link. Such a patch is not -possible for the 4.4lite1 VFS layer in the OpenBSD 2.2 kernel.
-The problem with the ruserok() function appears to also exist in -ssh 1.2.21 and previous (the ssh people have been alerted). -
-
-
-(1) A kernel patch which adds a new sysctl option which permits the
-administrator to decide whether setuid corefiles should be written or not.
-
- SECURITY FIX
-A bug in the vm system permits a file descriptor opened read-only on a -device, to later on be mmap(2)'d read-write, and then modified. This -does not result in a security hole by itself, but it does violate the -safety semantics which securelevels are supposed to provide. If a user -manages to gain kmem group permissions, using this problem they can then -gain root trivially and/or turn securelevels off. - -A kernel patch is available which corrects this behaviour (this is -revision 3 of this patch). --
- BUILD PROCESS FIX
-Building an object tree from a read-only source tree (such as off a CDROM) -may fail under certain circumstances (e.g. when creating a symlink on sparc -whose target name is exactly 33 characters). As a workaround you have to -either provide the source tree read/write, or install a newer version of -/usr/bin/readlink. - -A replacement source file exists. - - SECURITY FIX
-If a line in /etc/exports which contains hostnames results in an empty -list because none of the supplied hostnames is known, mountd(8) will -accidentally export the filesystem to the world. - -A patch is available which corrects this behaviour. --
- RELIABILITY FIX
-Setting the MSG_EOR flag on a tcp packet in the send(2) family of -system calls could cause a kernel panic. - -A patch to return EINVAL in this case is available. --
i386
-
-
-
- RELIABILITY FIX
-The Intel P5 F00F bug was discovered after the CDR's had already been -sent to the manufacturer. This problem permits any user who has an account -to lock your machine up using a 4-line program. The problem only affects -Intel P5 processors (the i386, i486, P-Pro, and P-II are not vulnerable, -nor are processors by other manufacturers). - -A kernel source-code patch is available. + - No problems identified yet.
-
- FUNCTIONALITY FIX
-Some Linux binaries will execute in SVR4 emulation mode, which is -definately a problem for people who need Linux emulation to work correctly. -To solve this mis-identification problem, - -a patch file is provided. --
- RELIABILITY FIX
-APM can crash on machines without it. - -A kernel source-code patch is available. --
- INSTALLATION PROCESS FLAW
-A few people are running into this problem, particularily if they had some -other *BSD operating system on their machine before trying OpenBSD: if after -installation onto an IDE-based machine, the kernel fails to mount the root -partition because it thinks that it should be opening sd0 (0x400), this means -you have incorrectly setup your disklabel for the IDE drive -- the disklabel -is indicating that the drive is SCSI. -To repair this, use the floppy to run "disklabel -E wd0", then using the -"edit" command ensure the type field is set to "ST506". -
mac68k
-
-
- NEW SOFTWARE
-Unfortunately, X11 binaries for the mac68k did not manage to make it onto the -CDROM. However, X11 for the mac68k is immediately available from - -ftp://ftp.OpenBSD.org/pub/OpenBSD/2.2/mac68k/X11/X11R6.tar.gz. Please -be sure to read the README file also in that directory for instructions on installing -and setting up X. + - No problems identified yet.
-
- INSTALLATION PROCESS FLAW
-As shipped on the CDROM, both the - -generic kernel -and the - -genericsbc kernel -extract themselves into the wrong place in the filesystem. -Both should extract a kernel named /bsd, but they extract -the kernel into /usr/src/sys/arch/mac68k/compile instead. --This has been fixed on the ftp release of OpenBSD 2.2, and -fresh kernels are available from -ftp://ftp.OpenBSD.ORG/pub/OpenBSD/2.2/mac68k/. If at all possible, -installing these kernels is recommended. -
-A number of possible workarounds exist if you don't have easy access to ftp -the updated kernels. The simplest of these is to use a -MacOS program to uncompress and untar the kernel aad use the Installer's -mini-shell to "cpin" the kernel. Alternately, you could install the kernel -with the Installer and use the mini-shell to move the binary from /usr/src/... to /bsd. -
sparc
-
-
- RELIABILITY FIX
-Older 4/xxx systems (particularily the 4/300's) cannot boot -with the 2.2 kernel due to bugs in the scsi device driver. - -A kernel source patch is available. -Replacement kernels are available for: -bsd, -bsd.scsi3, -and a replacement for bsd.rd is coming soon. + - No problems identified yet.
- RELIABILITY FIX
-SPARCstation 4 and 5 (Microsparc 2) users may see kernel panics when -using a custom kernel configured for option sun4m only. - -A workaround (kernel source patch) is available. Apply the patch and -then re-build your kernel. -
amiga
-
-
-
- FUNCTIONALITY FIX
-Missing Xamiga manual pages. Get - -this package and execute, as root:
-# pkg_add Xamiga-manual.tgz
-The MD5 checksum of this package is:
-MD5 (Xamiga-manual.tgz) = 2362a7857264b9d17f65cca258b42031-
- FUNCTIONALITY FIX
-The Ariadne ethernet support was broken, there will be both binary and -source level fixes available shortly. If you are in a hurry mail -Niklas for a test kernel.+
- No problems identified yet.
+
pmax
-
-
- FUNCTIONALITY FIX
-There is a Year-1998 problem in the time-setting code (which causes the -date and time to be set incorrectly after a reboot in 1998). - -A source code patch file is available plus replacement installation -kernels for the 2.2 release at -bsd.NFS, -bsd, -bsd.rz0. + - No problems identified yet.
-
- FUNCTIONALITY FIX
-X11 support for the 3min and 3maxplus machines was broken -due to a kernel bug. - -A source code patch is available. - - SECURITY FIX
-A security problem in the shared library linker ld.so -requires that you replace it with a new binary. The following binary -will work on both pmax and arc machines. - -The replacement binary is here. -
arc
-
-
- SECURITY FIX
-A security problem in the shared library linker ld.so requires -that you replace it with a new binary. The following binary -will work on both pmax and arc machines. - -The replacement binary is here. + - No problems identified yet.
alpha
-
-
-
- MISSING FUNCTIONALITY
-Network Address Translation and other parts of IP Filtering to not work -on the alpha. This will be fixed in the 2.3 release, and perhaps earlier -in a snapshot. There is no patch for 2.2. + - No problems identified yet.
hp300
- No problems identified yet.
mvme68k
- No problems identified yet.
@@ -303,11 +83,12 @@
-For 2.1 errata, please refer here. +For 2.1 errata, please refer here.
+For 2.2 errata, please refer here.
www@openbsd.org
-
$OpenBSD: errata.html,v 1.92 1998/04/22 14:55:30 deraadt Exp $ +
$OpenBSD: errata.html,v 1.93 1998/04/23 14:28:13 deraadt Exp $