Annotation of www/errata.html, Revision 1.425
1.1 deraadt 1: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML Strict//EN">
2: <html>
3: <head>
1.417 miod 4: <title>OpenBSD 3.2 errata</title>
1.1 deraadt 5: <link rev=made href=mailto:www@openbsd.org>
6: <meta name="resource-type" content="document">
7: <meta name="description" content="the OpenBSD CD errata page">
8: <meta name="keywords" content="openbsd,cd,errata">
9: <meta name="distribution" content="global">
1.372 horacio 10: <meta name="copyright" content="This document copyright 1997-2002 by OpenBSD.">
1.1 deraadt 11: </head>
12:
13: <BODY BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#23238E">
14:
1.394 jsyn 15: <a href="index.html"><img alt="[OpenBSD]" height="30" width="141" src="images/smalltitle.gif" border="0"></a>
1.68 deraadt 16: <h2><font color=#0000e0>
1.417 miod 17: This is the OpenBSD 3.2 release errata & patch list:
1.94 deraadt 18:
1.96 deraadt 19: </font></h2>
20:
1.94 deraadt 21: <hr>
1.240 jason 22: <a href=stable.html>For OpenBSD patch branch information, please refer here.</a><br>
1.380 espie 23: <a href=pkg-stable.html>For important packages updates, please refer here.</a><br>
1.418 deraadt 24: <br>
1.419 deraadt 25: For errata on a certain release, click below:<br>
1.418 deraadt 26: <a href="errata21.html">2.1</a>,
27: <a href="errata22.html">2.2</a>,
28: <a href="errata23.html">2.3</a>,
29: <a href="errata24.html">2.4</a>,
30: <a href="errata25.html">2.5</a>,
31: <a href="errata26.html">2.6</a>,
32: <a href="errata27.html">2.7</a>,
33: <a href="errata28.html">2.8</a>,
34: <a href="errata29.html">2.9</a>,
35: <a href="errata30.html">3.0</a>,
36: <a href="errata31.html">3.1</a>.
37: <br>
1.94 deraadt 38: <hr>
39:
1.417 miod 40: <a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.2.tar.gz>
1.142 deraadt 41: You can also fetch a tar.gz file containing all the following patches</a>.
42: This file is updated once a day.
43:
1.240 jason 44: <p> The patches below are available in CVS via the
1.420 deraadt 45: <code>OPENBSD_3_2</code> <a href="stable.html">patch branch</a>.
1.278 ericj 46:
47: <p>
1.420 deraadt 48: For more detailed information on how to install patches to OpenBSD, please
1.409 jufi 49: consult the <a href="./faq/faq10.html#Patches">OpenBSD FAQ</a>.
1.142 deraadt 50: <hr>
51:
1.197 deraadt 52: <dl>
1.43 deraadt 53: <a name=all></a>
1.67 deraadt 54: <li><h3><font color=#e00000>All architectures</font></h3>
1.25 deraadt 55: <ul>
1.425 ! millert 56: <a name=cvs></a>
! 57: <li><font color=#009000><strong>006: SECURITY FIX: January 20, 2003</strong></font><br>
! 58: A double free in
! 59: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cvs&sektion=1">cvs(1)</a>
! 60: could allow an attacker to execute code with the privileges of the
! 61: user running cvs. This is only an issue when the cvs command is
! 62: being run on a user's behalf as a different user. This means that,
! 63: in most cases, the issue only exists for cvs configurations that use
! 64: the <em>pserver</em> client/server connection method.
! 65: <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.2/common/006_cvs.patch">A
! 66: source code patch exists which remedies the problem</a>.
! 67: <p>
1.423 millert 68: <a name=named></a>
69: <li><font color=#009000><strong>005: SECURITY FIX: November 14, 2002</strong></font><br>
70: A buffer overflow in
71: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=named&sektion=8">named(8)</a>
72: could allow an attacker to execute code with the privileges of named.
73: On OpenBSD, named runs as a non-root user in a chrooted environment
1.424 millert 74: which mitigates the effects of this bug.<br>
1.423 millert 75: <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.2/common/005_named.patch">A
76: source code patch exists which remedies the problem</a>.
77: <p>
1.422 miod 78: <a name=pool></a>
79: <li><font color=#009000><strong>004: RELIABILITY FIX: November 6, 2002</strong></font><br>
80: A logic error in the
81: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pool&sektion=9">pool</a>
82: kernel memory allocator could cause memory corruption in low-memory situations,
83: causing the system to crash.<br>
84: <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.2/common/004_pool.patch">A
85: source code patch exists which remedies the problem</a>.
86: <p>
87: <a name=smrsh></a>
88: <li><font color=#009000><strong>003: SECURITY FIX: November 6, 2002</strong></font><br>
89: An attacker can bypass the restrictions imposed by sendmail's restricted shell,
90: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=smrsh&sektion=8">smrsh(8)</a>,
91: and execute arbitrary commands with the privileges of his own account.<br>
92: <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.2/common/003_smrsh.patch">A
93: source code patch exists which remedies the problem</a>.
94: <p>
95: <a name=pfbridge></a>
96: <li><font color=#009000><strong>002: RELIABILITY FIX: November 6, 2002</strong></font><br>
97: Network
98: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=bridge&sektion=4">bridges</a>
99: running
100: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf</a>
101: with scrubbing enabled could cause mbuf corruption,
102: causing the system to crash.<br>
103: <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.2/common/002_pfbridge.patch">A
104: source code patch exists which remedies the problem</a>.
105: <p>
1.421 miod 106: <a name=kadmin></a>
107: <li><font color=#009000><strong>001: SECURITY FIX: October 21, 2002</strong></font><br>
108: A buffer overflow can occur in the
109: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=kadmind&sektion=8">kadmind(8)</a>
110: daemon, leading to possible remote crash or exploit.<br>
111: <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.2/common/001_kadmin.patch">A source code patch exists which remedies the problem</a>.
112: <p>
1.25 deraadt 113: </ul>
1.177 deraadt 114: <p>
1.42 deraadt 115: <a name=i386></a>
1.67 deraadt 116: <li><h3><font color=#e00000>i386</font></h3>
1.25 deraadt 117: <ul>
1.384 deraadt 118: <li>No problems identified yet.
1.323 deraadt 119: </ul>
1.285 deraadt 120: <p>
1.323 deraadt 121: <a name=alpha></a>
122: <li><h3><font color=#e00000>alpha</font></h3>
123: <ul>
124: <li>No problems identified yet.
1.39 deraadt 125: </ul>
1.155 deraadt 126: <p>
1.47 deraadt 127: <a name=mac68k></a>
1.67 deraadt 128: <li><h3><font color=#e00000>mac68k</font></h3>
1.39 deraadt 129: <ul>
1.323 deraadt 130: <li>No problems identified yet.
1.25 deraadt 131: </ul>
1.155 deraadt 132: <p>
1.65 deraadt 133: <a name=sparc></a>
1.67 deraadt 134: <li><h3><font color=#e00000>sparc</font></h3>
1.25 deraadt 135: <ul>
1.323 deraadt 136: <li>No problems identified yet.
1.39 deraadt 137: </ul>
1.177 deraadt 138: <p>
1.355 deraadt 139: <a name=sparc64></a>
140: <li><h3><font color=#e00000>sparc64</font></h3>
1.93 deraadt 141: <ul>
1.384 deraadt 142: <li>No problems identified yet.
1.25 deraadt 143: </ul>
1.155 deraadt 144: <p>
1.355 deraadt 145: <a name=amiga></a>
146: <li><h3><font color=#e00000>amiga</font></h3>
1.25 deraadt 147: <ul>
1.281 deraadt 148: <li>No problems identified yet.
1.25 deraadt 149: </ul>
1.155 deraadt 150: <p>
1.281 deraadt 151: <a name=hp300></a>
152: <li><h3><font color=#e00000>hp300</font></h3>
1.59 deraadt 153: <ul>
1.323 deraadt 154: <li>No problems identified yet.
1.59 deraadt 155: </ul>
1.155 deraadt 156: <p>
1.281 deraadt 157: <a name=mvme68k></a>
158: <li><h3><font color=#e00000>mvme68k</font></h3>
1.56 deraadt 159: <ul>
1.323 deraadt 160: <li>No problems identified yet.
1.56 deraadt 161: </ul>
1.155 deraadt 162: <p>
1.355 deraadt 163: <a name=macppc></a>
164: <li><h3><font color=#e00000>macppc</font></h3>
1.110 millert 165: <ul>
1.384 deraadt 166: <li>No problems identified yet.
1.385 hugh 167: </ul>
1.386 hugh 168: <p>
1.281 deraadt 169: <a name=vax></a>
170: <li><h3><font color=#e00000>vax</font></h3>
1.25 deraadt 171: <ul>
1.232 deraadt 172: <li>No problems identified yet.
1.25 deraadt 173: </ul>
1.144 deraadt 174:
1.197 deraadt 175: </dl>
1.25 deraadt 176: <br>
1.75 deraadt 177:
1.25 deraadt 178: <hr>
1.240 jason 179: <a href=stable.html>For OpenBSD patch branch information, please refer here.</a><br>
1.381 espie 180: <a href=pkg-stable.html>For important packages updates, please refer here.</a><br>
1.418 deraadt 181: <br>
1.419 deraadt 182: For errata on a certain release, click below:<br>
1.418 deraadt 183: <a href="errata21.html">2.1</a>,
184: <a href="errata22.html">2.2</a>,
185: <a href="errata23.html">2.3</a>,
186: <a href="errata24.html">2.4</a>,
187: <a href="errata25.html">2.5</a>,
188: <a href="errata26.html">2.6</a>,
189: <a href="errata27.html">2.7</a>,
190: <a href="errata28.html">2.8</a>,
191: <a href="errata29.html">2.9</a>,
192: <a href="errata30.html">3.0</a>,
193: <a href="errata31.html">3.1</a>.
194: <br>
195:
1.2 deraadt 196: <hr>
1.186 deraadt 197: <a href=index.html><img height=24 width=24 src=back.gif border=0 alt=OpenBSD></a>
1.2 deraadt 198: <a href=mailto:www@openbsd.org>www@openbsd.org</a>
1.425 ! millert 199: <br><small>$OpenBSD: errata.html,v 1.424 2002/11/16 18:25:07 millert Exp $</small>
1.2 deraadt 200:
201: </body>
202: </html>
![[BACK]](/icons/back.gif){kind=icon}
Return to errata.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www