Annotation of www/errata.html, Revision 1.456
1.435 naddy 1: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
1.1 deraadt 2: <html>
3: <head>
1.440 deraadt 4: <title>OpenBSD 3.3 errata</title>
1.435 naddy 5: <link rev=made href="mailto:www@openbsd.org">
1.1 deraadt 6: <meta name="resource-type" content="document">
7: <meta name="description" content="the OpenBSD CD errata page">
8: <meta name="keywords" content="openbsd,cd,errata">
9: <meta name="distribution" content="global">
1.441 margarid 10: <meta name="copyright" content="This document copyright 1997-2003 by OpenBSD.">
1.1 deraadt 11: </head>
12:
13: <BODY BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#23238E">
14:
1.394 jsyn 15: <a href="index.html"><img alt="[OpenBSD]" height="30" width="141" src="images/smalltitle.gif" border="0"></a>
1.435 naddy 16: <h2><font color="#0000e0">
1.440 deraadt 17: This is the OpenBSD 3.3 release errata & patch list:
1.94 deraadt 18:
1.96 deraadt 19: </font></h2>
20:
1.94 deraadt 21: <hr>
1.240 jason 22: <a href=stable.html>For OpenBSD patch branch information, please refer here.</a><br>
1.380 espie 23: <a href=pkg-stable.html>For important packages updates, please refer here.</a><br>
1.418 deraadt 24: <br>
1.419 deraadt 25: For errata on a certain release, click below:<br>
1.418 deraadt 26: <a href="errata21.html">2.1</a>,
27: <a href="errata22.html">2.2</a>,
28: <a href="errata23.html">2.3</a>,
29: <a href="errata24.html">2.4</a>,
30: <a href="errata25.html">2.5</a>,
31: <a href="errata26.html">2.6</a>,
32: <a href="errata27.html">2.7</a>,
33: <a href="errata28.html">2.8</a>,
34: <a href="errata29.html">2.9</a>,
35: <a href="errata30.html">3.0</a>,
1.440 deraadt 36: <a href="errata31.html">3.1</a>,
37: <a href="errata32.html">3.2</a>.
1.418 deraadt 38: <br>
1.94 deraadt 39: <hr>
40:
1.441 margarid 41: <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.3.tar.gz">
1.142 deraadt 42: You can also fetch a tar.gz file containing all the following patches</a>.
43: This file is updated once a day.
44:
1.240 jason 45: <p> The patches below are available in CVS via the
1.441 margarid 46: <code>OPENBSD_3_3</code> <a href="stable.html">patch branch</a>.
1.278 ericj 47:
48: <p>
1.420 deraadt 49: For more detailed information on how to install patches to OpenBSD, please
1.409 jufi 50: consult the <a href="./faq/faq10.html#Patches">OpenBSD FAQ</a>.
1.142 deraadt 51: <hr>
52:
1.197 deraadt 53: <dl>
1.43 deraadt 54: <a name=all></a>
1.435 naddy 55: <li><h3><font color="#e00000">All architectures</font></h3>
1.25 deraadt 56: <ul>
1.453 millert 57: <a name=asn1></a>
58: <li><font color="#009000"><strong>007: SECURITY FIX: October 1, 2003</strong></font><br>
59: The use of certain ASN.1 encodings or malformed public keys may allow an
60: attacker to mount a denial of service attack against applications linked with
61: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssl&sektion=3">ssl(3)</a>.
1.456 ! margarid 62: This does not affect OpenSSH.<br>
1.453 millert 63: <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.3/common/007_asn1.patch">A source code patch exists which remedies the problem</a>.<br>
1.456 ! margarid 64: <p>
1.454 mcbride 65: <a name=pfnorm></a>
1.455 mcbride 66: <li><font color="#009000"><strong>006: SECURITY FIX: September 24, 2003</strong></font><br>
1.454 mcbride 67: Three cases of potential access to freed memory have been found in
1.456 ! margarid 68: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a>.
! 69: At least one of them could be used to panic pf with active scrub rules remotely.<br>
1.454 mcbride 70: <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.3/common/006_pfnorm.patch">A source code patch exists which remedies the problem</a>.<br>
1.456 ! margarid 71: <p>
1.451 millert 72: <a name=sendmail></a>
73: <li><font color="#009000"><strong>005: SECURITY FIX: September 17, 2003</strong></font><br>
74: A buffer overflow in the address parsing in
75: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sendmail&sektion=8">sendmail(8)</a>
76: may allow an attacker to gain root privileges.<br>
1.452 millert 77: <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.3/common/005_sendmail.patch">A source code patch exists which remedies the problem</a>.<br>
78: NOTE: this is the <em>second</em> revision of the patch that fixes an additional
79: problem.
1.451 millert 80: <p>
1.449 millert 81: <a name=sshbuffer></a>
82: <li><font color="#009000"><strong>004: SECURITY FIX: September 16, 2003</strong></font><br>
83: All versions of OpenSSH's sshd prior to 3.7 contain a buffer management error.
1.451 millert 84: It is unclear whether or not this bug is exploitable.<br>
1.449 millert 85: <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.3/common/004_sshbuffer.patch">A
1.451 millert 86: source code patch exists which remedies the problem</a>.<br>
1.450 millert 87: NOTE: this is the <em>second</em> revision of the patch that fixes an additional
88: problem.
1.449 millert 89: <p>
1.448 millert 90: <a name=sysvsem></a>
91: <li><font color="#009000"><strong>003: SECURITY FIX: September 10, 2003</strong></font><br>
92: Root may be able to reduce the security level by taking advantage of
93: an integer overflow when the semaphore limits are made very large.<br>
94: <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.3/common/003_sysvsem.patch">A
95: source code patch exists which remedies the problem</a>.
96: <p>
97: <a name=semget></a>
1.446 millert 98: <li><font color="#009000"><strong>002: RELIABILITY FIX: August 20, 2003</strong></font><br>
1.445 millert 99: An improper bounds check in the
1.446 millert 100: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=semget&sektion=2">semget(2)</a>
1.445 millert 101: system call can allow a local user to cause a kernel panic.<br>
102: <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.3/common/002_semget.patch">A
103: source code patch exists which remedies the problem</a>.
1.443 millert 104: <a name=realpath></a>
1.447 jufi 105: <p>
1.443 millert 106: <li><font color="#009000"><strong>001: SECURITY FIX: August 4, 2003</strong></font><br>
107: An off-by-one error exists in the C library function
108: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=realpath&sektion=3">realpath(3)</a>.
109: Since this same bug resulted in a root compromise in the wu-ftpd ftp server
110: it is possible that this bug may allow an attacker to gain escalated privileges
111: on OpenBSD.<br>
1.444 millert 112: <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.3/common/001_realpath.patch">A
1.443 millert 113: source code patch exists which remedies the problem</a>.
114: <p>
1.25 deraadt 115: </ul>
1.177 deraadt 116: <p>
1.42 deraadt 117: <a name=i386></a>
1.435 naddy 118: <li><h3><font color="#e00000">i386</font></h3>
1.25 deraadt 119: <ul>
1.384 deraadt 120: <li>No problems identified yet.
1.323 deraadt 121: </ul>
1.285 deraadt 122: <p>
1.323 deraadt 123: <a name=alpha></a>
1.435 naddy 124: <li><h3><font color="#e00000">alpha</font></h3>
1.323 deraadt 125: <ul>
126: <li>No problems identified yet.
1.39 deraadt 127: </ul>
1.155 deraadt 128: <p>
1.47 deraadt 129: <a name=mac68k></a>
1.435 naddy 130: <li><h3><font color="#e00000">mac68k</font></h3>
1.39 deraadt 131: <ul>
1.323 deraadt 132: <li>No problems identified yet.
1.25 deraadt 133: </ul>
1.155 deraadt 134: <p>
1.65 deraadt 135: <a name=sparc></a>
1.435 naddy 136: <li><h3><font color="#e00000">sparc</font></h3>
1.25 deraadt 137: <ul>
1.323 deraadt 138: <li>No problems identified yet.
1.39 deraadt 139: </ul>
1.177 deraadt 140: <p>
1.355 deraadt 141: <a name=sparc64></a>
1.435 naddy 142: <li><h3><font color="#e00000">sparc64</font></h3>
1.93 deraadt 143: <ul>
1.384 deraadt 144: <li>No problems identified yet.
1.25 deraadt 145: </ul>
1.155 deraadt 146: <p>
1.442 henning 147: <a name=hppa></a>
148: <li><h3><font color="#e00000">hppa</font></h3>
1.25 deraadt 149: <ul>
1.281 deraadt 150: <li>No problems identified yet.
1.25 deraadt 151: </ul>
1.155 deraadt 152: <p>
1.281 deraadt 153: <a name=hp300></a>
1.435 naddy 154: <li><h3><font color="#e00000">hp300</font></h3>
1.59 deraadt 155: <ul>
1.323 deraadt 156: <li>No problems identified yet.
1.59 deraadt 157: </ul>
1.155 deraadt 158: <p>
1.281 deraadt 159: <a name=mvme68k></a>
1.435 naddy 160: <li><h3><font color="#e00000">mvme68k</font></h3>
1.56 deraadt 161: <ul>
1.323 deraadt 162: <li>No problems identified yet.
1.56 deraadt 163: </ul>
1.155 deraadt 164: <p>
1.355 deraadt 165: <a name=macppc></a>
1.435 naddy 166: <li><h3><font color="#e00000">macppc</font></h3>
1.110 millert 167: <ul>
1.384 deraadt 168: <li>No problems identified yet.
1.385 hugh 169: </ul>
1.386 hugh 170: <p>
1.281 deraadt 171: <a name=vax></a>
1.435 naddy 172: <li><h3><font color="#e00000">vax</font></h3>
1.25 deraadt 173: <ul>
1.232 deraadt 174: <li>No problems identified yet.
1.25 deraadt 175: </ul>
1.144 deraadt 176:
1.197 deraadt 177: </dl>
1.25 deraadt 178: <br>
1.75 deraadt 179:
1.25 deraadt 180: <hr>
1.240 jason 181: <a href=stable.html>For OpenBSD patch branch information, please refer here.</a><br>
1.381 espie 182: <a href=pkg-stable.html>For important packages updates, please refer here.</a><br>
1.418 deraadt 183: <br>
1.419 deraadt 184: For errata on a certain release, click below:<br>
1.418 deraadt 185: <a href="errata21.html">2.1</a>,
186: <a href="errata22.html">2.2</a>,
187: <a href="errata23.html">2.3</a>,
188: <a href="errata24.html">2.4</a>,
189: <a href="errata25.html">2.5</a>,
190: <a href="errata26.html">2.6</a>,
191: <a href="errata27.html">2.7</a>,
192: <a href="errata28.html">2.8</a>,
193: <a href="errata29.html">2.9</a>,
194: <a href="errata30.html">3.0</a>,
1.440 deraadt 195: <a href="errata31.html">3.1</a>,
196: <a href="errata32.html">3.2</a>.
1.418 deraadt 197: <br>
198:
1.2 deraadt 199: <hr>
1.186 deraadt 200: <a href=index.html><img height=24 width=24 src=back.gif border=0 alt=OpenBSD></a>
1.435 naddy 201: <a href="mailto:www@openbsd.org">www@openbsd.org</a>
1.456 ! margarid 202: <br><small>$OpenBSD: errata.html,v 1.455 2003/10/04 16:53:48 mcbride Exp $</small>
1.2 deraadt 203:
204: </body>
205: </html>
![[BACK]](/icons/back.gif){kind=icon}
Return to errata.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www