Annotation of www/errata.html, Revision 1.427
1.1 deraadt 1: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML Strict//EN">
2: <html>
3: <head>
1.417 miod 4: <title>OpenBSD 3.2 errata</title>
1.1 deraadt 5: <link rev=made href=mailto:www@openbsd.org>
6: <meta name="resource-type" content="document">
7: <meta name="description" content="the OpenBSD CD errata page">
8: <meta name="keywords" content="openbsd,cd,errata">
9: <meta name="distribution" content="global">
1.372 horacio 10: <meta name="copyright" content="This document copyright 1997-2002 by OpenBSD.">
1.1 deraadt 11: </head>
12:
13: <BODY BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#23238E">
14:
1.394 jsyn 15: <a href="index.html"><img alt="[OpenBSD]" height="30" width="141" src="images/smalltitle.gif" border="0"></a>
1.68 deraadt 16: <h2><font color=#0000e0>
1.417 miod 17: This is the OpenBSD 3.2 release errata & patch list:
1.94 deraadt 18:
1.96 deraadt 19: </font></h2>
20:
1.94 deraadt 21: <hr>
1.240 jason 22: <a href=stable.html>For OpenBSD patch branch information, please refer here.</a><br>
1.380 espie 23: <a href=pkg-stable.html>For important packages updates, please refer here.</a><br>
1.418 deraadt 24: <br>
1.419 deraadt 25: For errata on a certain release, click below:<br>
1.418 deraadt 26: <a href="errata21.html">2.1</a>,
27: <a href="errata22.html">2.2</a>,
28: <a href="errata23.html">2.3</a>,
29: <a href="errata24.html">2.4</a>,
30: <a href="errata25.html">2.5</a>,
31: <a href="errata26.html">2.6</a>,
32: <a href="errata27.html">2.7</a>,
33: <a href="errata28.html">2.8</a>,
34: <a href="errata29.html">2.9</a>,
35: <a href="errata30.html">3.0</a>,
36: <a href="errata31.html">3.1</a>.
37: <br>
1.94 deraadt 38: <hr>
39:
1.417 miod 40: <a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.2.tar.gz>
1.142 deraadt 41: You can also fetch a tar.gz file containing all the following patches</a>.
42: This file is updated once a day.
43:
1.240 jason 44: <p> The patches below are available in CVS via the
1.420 deraadt 45: <code>OPENBSD_3_2</code> <a href="stable.html">patch branch</a>.
1.278 ericj 46:
47: <p>
1.420 deraadt 48: For more detailed information on how to install patches to OpenBSD, please
1.409 jufi 49: consult the <a href="./faq/faq10.html#Patches">OpenBSD FAQ</a>.
1.142 deraadt 50: <hr>
51:
1.197 deraadt 52: <dl>
1.43 deraadt 53: <a name=all></a>
1.67 deraadt 54: <li><h3><font color=#e00000>All architectures</font></h3>
1.25 deraadt 55: <ul>
1.426 margarid 56: <a name=ssl></a>
57: <li><font color=#009000><strong>007: SECURITY FIX: February 22, 2003</strong></font><br>
1.427 ! margarid 58: In
! 59: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssl&sektion=8">ssl(8)</a> an information leak can occur via timing by performing a MAC computation
1.426 margarid 60: even if incorrrect block cipher padding has been found. This fix is a
61: countermeasure against active attacks where the attacker has to distinguish
62: between bad padding and a MAC verification error. (CAN-2003-0078).
63: Also, check for negative sizes in memory allocation routines.
64: <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.2/common/007_ssl.patch">A
65: source code patch exists which fixes these two issues</a>.
66: <p>
1.425 millert 67: <a name=cvs></a>
68: <li><font color=#009000><strong>006: SECURITY FIX: January 20, 2003</strong></font><br>
69: A double free in
70: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cvs&sektion=1">cvs(1)</a>
71: could allow an attacker to execute code with the privileges of the
72: user running cvs. This is only an issue when the cvs command is
73: being run on a user's behalf as a different user. This means that,
74: in most cases, the issue only exists for cvs configurations that use
75: the <em>pserver</em> client/server connection method.
76: <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.2/common/006_cvs.patch">A
77: source code patch exists which remedies the problem</a>.
78: <p>
1.423 millert 79: <a name=named></a>
80: <li><font color=#009000><strong>005: SECURITY FIX: November 14, 2002</strong></font><br>
81: A buffer overflow in
82: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=named&sektion=8">named(8)</a>
83: could allow an attacker to execute code with the privileges of named.
84: On OpenBSD, named runs as a non-root user in a chrooted environment
1.424 millert 85: which mitigates the effects of this bug.<br>
1.423 millert 86: <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.2/common/005_named.patch">A
87: source code patch exists which remedies the problem</a>.
88: <p>
1.422 miod 89: <a name=pool></a>
90: <li><font color=#009000><strong>004: RELIABILITY FIX: November 6, 2002</strong></font><br>
91: A logic error in the
92: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pool&sektion=9">pool</a>
93: kernel memory allocator could cause memory corruption in low-memory situations,
94: causing the system to crash.<br>
95: <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.2/common/004_pool.patch">A
96: source code patch exists which remedies the problem</a>.
97: <p>
98: <a name=smrsh></a>
99: <li><font color=#009000><strong>003: SECURITY FIX: November 6, 2002</strong></font><br>
100: An attacker can bypass the restrictions imposed by sendmail's restricted shell,
101: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=smrsh&sektion=8">smrsh(8)</a>,
102: and execute arbitrary commands with the privileges of his own account.<br>
103: <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.2/common/003_smrsh.patch">A
104: source code patch exists which remedies the problem</a>.
105: <p>
106: <a name=pfbridge></a>
107: <li><font color=#009000><strong>002: RELIABILITY FIX: November 6, 2002</strong></font><br>
108: Network
109: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=bridge&sektion=4">bridges</a>
110: running
111: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf</a>
112: with scrubbing enabled could cause mbuf corruption,
113: causing the system to crash.<br>
114: <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.2/common/002_pfbridge.patch">A
115: source code patch exists which remedies the problem</a>.
116: <p>
1.421 miod 117: <a name=kadmin></a>
118: <li><font color=#009000><strong>001: SECURITY FIX: October 21, 2002</strong></font><br>
119: A buffer overflow can occur in the
120: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=kadmind&sektion=8">kadmind(8)</a>
121: daemon, leading to possible remote crash or exploit.<br>
122: <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.2/common/001_kadmin.patch">A source code patch exists which remedies the problem</a>.
123: <p>
1.25 deraadt 124: </ul>
1.177 deraadt 125: <p>
1.42 deraadt 126: <a name=i386></a>
1.67 deraadt 127: <li><h3><font color=#e00000>i386</font></h3>
1.25 deraadt 128: <ul>
1.384 deraadt 129: <li>No problems identified yet.
1.323 deraadt 130: </ul>
1.285 deraadt 131: <p>
1.323 deraadt 132: <a name=alpha></a>
133: <li><h3><font color=#e00000>alpha</font></h3>
134: <ul>
135: <li>No problems identified yet.
1.39 deraadt 136: </ul>
1.155 deraadt 137: <p>
1.47 deraadt 138: <a name=mac68k></a>
1.67 deraadt 139: <li><h3><font color=#e00000>mac68k</font></h3>
1.39 deraadt 140: <ul>
1.323 deraadt 141: <li>No problems identified yet.
1.25 deraadt 142: </ul>
1.155 deraadt 143: <p>
1.65 deraadt 144: <a name=sparc></a>
1.67 deraadt 145: <li><h3><font color=#e00000>sparc</font></h3>
1.25 deraadt 146: <ul>
1.323 deraadt 147: <li>No problems identified yet.
1.39 deraadt 148: </ul>
1.177 deraadt 149: <p>
1.355 deraadt 150: <a name=sparc64></a>
151: <li><h3><font color=#e00000>sparc64</font></h3>
1.93 deraadt 152: <ul>
1.384 deraadt 153: <li>No problems identified yet.
1.25 deraadt 154: </ul>
1.155 deraadt 155: <p>
1.355 deraadt 156: <a name=amiga></a>
157: <li><h3><font color=#e00000>amiga</font></h3>
1.25 deraadt 158: <ul>
1.281 deraadt 159: <li>No problems identified yet.
1.25 deraadt 160: </ul>
1.155 deraadt 161: <p>
1.281 deraadt 162: <a name=hp300></a>
163: <li><h3><font color=#e00000>hp300</font></h3>
1.59 deraadt 164: <ul>
1.323 deraadt 165: <li>No problems identified yet.
1.59 deraadt 166: </ul>
1.155 deraadt 167: <p>
1.281 deraadt 168: <a name=mvme68k></a>
169: <li><h3><font color=#e00000>mvme68k</font></h3>
1.56 deraadt 170: <ul>
1.323 deraadt 171: <li>No problems identified yet.
1.56 deraadt 172: </ul>
1.155 deraadt 173: <p>
1.355 deraadt 174: <a name=macppc></a>
175: <li><h3><font color=#e00000>macppc</font></h3>
1.110 millert 176: <ul>
1.384 deraadt 177: <li>No problems identified yet.
1.385 hugh 178: </ul>
1.386 hugh 179: <p>
1.281 deraadt 180: <a name=vax></a>
181: <li><h3><font color=#e00000>vax</font></h3>
1.25 deraadt 182: <ul>
1.232 deraadt 183: <li>No problems identified yet.
1.25 deraadt 184: </ul>
1.144 deraadt 185:
1.197 deraadt 186: </dl>
1.25 deraadt 187: <br>
1.75 deraadt 188:
1.25 deraadt 189: <hr>
1.240 jason 190: <a href=stable.html>For OpenBSD patch branch information, please refer here.</a><br>
1.381 espie 191: <a href=pkg-stable.html>For important packages updates, please refer here.</a><br>
1.418 deraadt 192: <br>
1.419 deraadt 193: For errata on a certain release, click below:<br>
1.418 deraadt 194: <a href="errata21.html">2.1</a>,
195: <a href="errata22.html">2.2</a>,
196: <a href="errata23.html">2.3</a>,
197: <a href="errata24.html">2.4</a>,
198: <a href="errata25.html">2.5</a>,
199: <a href="errata26.html">2.6</a>,
200: <a href="errata27.html">2.7</a>,
201: <a href="errata28.html">2.8</a>,
202: <a href="errata29.html">2.9</a>,
203: <a href="errata30.html">3.0</a>,
204: <a href="errata31.html">3.1</a>.
205: <br>
206:
1.2 deraadt 207: <hr>
1.186 deraadt 208: <a href=index.html><img height=24 width=24 src=back.gif border=0 alt=OpenBSD></a>
1.2 deraadt 209: <a href=mailto:www@openbsd.org>www@openbsd.org</a>
1.427 ! margarid 210: <br><small>$OpenBSD: errata.html,v 1.426 2003/02/22 22:50:04 margarida Exp $</small>
1.2 deraadt 211:
212: </body>
213: </html>