Annotation of www/errata.html, Revision 1.457
1.435 naddy 1: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
1.1 deraadt 2: <html>
3: <head>
1.440 deraadt 4: <title>OpenBSD 3.3 errata</title>
1.435 naddy 5: <link rev=made href="mailto:www@openbsd.org">
1.1 deraadt 6: <meta name="resource-type" content="document">
7: <meta name="description" content="the OpenBSD CD errata page">
8: <meta name="keywords" content="openbsd,cd,errata">
9: <meta name="distribution" content="global">
1.441 margarid 10: <meta name="copyright" content="This document copyright 1997-2003 by OpenBSD.">
1.1 deraadt 11: </head>
12:
13: <BODY BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#23238E">
14:
1.394 jsyn 15: <a href="index.html"><img alt="[OpenBSD]" height="30" width="141" src="images/smalltitle.gif" border="0"></a>
1.435 naddy 16: <h2><font color="#0000e0">
1.440 deraadt 17: This is the OpenBSD 3.3 release errata & patch list:
1.94 deraadt 18:
1.96 deraadt 19: </font></h2>
20:
1.94 deraadt 21: <hr>
1.240 jason 22: <a href=stable.html>For OpenBSD patch branch information, please refer here.</a><br>
1.380 espie 23: <a href=pkg-stable.html>For important packages updates, please refer here.</a><br>
1.418 deraadt 24: <br>
1.419 deraadt 25: For errata on a certain release, click below:<br>
1.418 deraadt 26: <a href="errata21.html">2.1</a>,
27: <a href="errata22.html">2.2</a>,
28: <a href="errata23.html">2.3</a>,
29: <a href="errata24.html">2.4</a>,
30: <a href="errata25.html">2.5</a>,
31: <a href="errata26.html">2.6</a>,
32: <a href="errata27.html">2.7</a>,
33: <a href="errata28.html">2.8</a>,
34: <a href="errata29.html">2.9</a>,
35: <a href="errata30.html">3.0</a>,
1.440 deraadt 36: <a href="errata31.html">3.1</a>,
37: <a href="errata32.html">3.2</a>.
1.418 deraadt 38: <br>
1.94 deraadt 39: <hr>
40:
1.441 margarid 41: <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.3.tar.gz">
1.142 deraadt 42: You can also fetch a tar.gz file containing all the following patches</a>.
43: This file is updated once a day.
44:
1.240 jason 45: <p> The patches below are available in CVS via the
1.441 margarid 46: <code>OPENBSD_3_3</code> <a href="stable.html">patch branch</a>.
1.278 ericj 47:
48: <p>
1.420 deraadt 49: For more detailed information on how to install patches to OpenBSD, please
1.409 jufi 50: consult the <a href="./faq/faq10.html#Patches">OpenBSD FAQ</a>.
1.142 deraadt 51: <hr>
52:
1.197 deraadt 53: <dl>
1.43 deraadt 54: <a name=all></a>
1.435 naddy 55: <li><h3><font color="#e00000">All architectures</font></h3>
1.25 deraadt 56: <ul>
1.457 ! margarid 57: <a name=arp></a>
! 58: <li><font color="#009000"><strong>008: RELIABILITY FIX: October 1, 2003</strong></font><br>
! 59: It is possible for a local user to cause a system panic by flooding it with spoofed ARP
! 60: requests.<br>
! 61: <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.3/common/008_arp.patch">A source code patch exists which remedies the problem</a>.<br>
! 62: <p>
1.453 millert 63: <a name=asn1></a>
64: <li><font color="#009000"><strong>007: SECURITY FIX: October 1, 2003</strong></font><br>
65: The use of certain ASN.1 encodings or malformed public keys may allow an
66: attacker to mount a denial of service attack against applications linked with
67: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssl&sektion=3">ssl(3)</a>.
1.456 margarid 68: This does not affect OpenSSH.<br>
1.453 millert 69: <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.3/common/007_asn1.patch">A source code patch exists which remedies the problem</a>.<br>
1.456 margarid 70: <p>
1.454 mcbride 71: <a name=pfnorm></a>
1.455 mcbride 72: <li><font color="#009000"><strong>006: SECURITY FIX: September 24, 2003</strong></font><br>
1.454 mcbride 73: Three cases of potential access to freed memory have been found in
1.456 margarid 74: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a>.
75: At least one of them could be used to panic pf with active scrub rules remotely.<br>
1.454 mcbride 76: <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.3/common/006_pfnorm.patch">A source code patch exists which remedies the problem</a>.<br>
1.456 margarid 77: <p>
1.451 millert 78: <a name=sendmail></a>
79: <li><font color="#009000"><strong>005: SECURITY FIX: September 17, 2003</strong></font><br>
80: A buffer overflow in the address parsing in
81: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sendmail&sektion=8">sendmail(8)</a>
82: may allow an attacker to gain root privileges.<br>
1.452 millert 83: <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.3/common/005_sendmail.patch">A source code patch exists which remedies the problem</a>.<br>
84: NOTE: this is the <em>second</em> revision of the patch that fixes an additional
85: problem.
1.451 millert 86: <p>
1.449 millert 87: <a name=sshbuffer></a>
88: <li><font color="#009000"><strong>004: SECURITY FIX: September 16, 2003</strong></font><br>
89: All versions of OpenSSH's sshd prior to 3.7 contain a buffer management error.
1.451 millert 90: It is unclear whether or not this bug is exploitable.<br>
1.449 millert 91: <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.3/common/004_sshbuffer.patch">A
1.451 millert 92: source code patch exists which remedies the problem</a>.<br>
1.450 millert 93: NOTE: this is the <em>second</em> revision of the patch that fixes an additional
94: problem.
1.449 millert 95: <p>
1.448 millert 96: <a name=sysvsem></a>
97: <li><font color="#009000"><strong>003: SECURITY FIX: September 10, 2003</strong></font><br>
98: Root may be able to reduce the security level by taking advantage of
99: an integer overflow when the semaphore limits are made very large.<br>
100: <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.3/common/003_sysvsem.patch">A
101: source code patch exists which remedies the problem</a>.
102: <p>
103: <a name=semget></a>
1.446 millert 104: <li><font color="#009000"><strong>002: RELIABILITY FIX: August 20, 2003</strong></font><br>
1.445 millert 105: An improper bounds check in the
1.446 millert 106: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=semget&sektion=2">semget(2)</a>
1.445 millert 107: system call can allow a local user to cause a kernel panic.<br>
108: <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.3/common/002_semget.patch">A
109: source code patch exists which remedies the problem</a>.
1.443 millert 110: <a name=realpath></a>
1.447 jufi 111: <p>
1.443 millert 112: <li><font color="#009000"><strong>001: SECURITY FIX: August 4, 2003</strong></font><br>
113: An off-by-one error exists in the C library function
114: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=realpath&sektion=3">realpath(3)</a>.
115: Since this same bug resulted in a root compromise in the wu-ftpd ftp server
116: it is possible that this bug may allow an attacker to gain escalated privileges
117: on OpenBSD.<br>
1.444 millert 118: <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.3/common/001_realpath.patch">A
1.443 millert 119: source code patch exists which remedies the problem</a>.
120: <p>
1.25 deraadt 121: </ul>
1.177 deraadt 122: <p>
1.42 deraadt 123: <a name=i386></a>
1.435 naddy 124: <li><h3><font color="#e00000">i386</font></h3>
1.25 deraadt 125: <ul>
1.384 deraadt 126: <li>No problems identified yet.
1.323 deraadt 127: </ul>
1.285 deraadt 128: <p>
1.323 deraadt 129: <a name=alpha></a>
1.435 naddy 130: <li><h3><font color="#e00000">alpha</font></h3>
1.323 deraadt 131: <ul>
132: <li>No problems identified yet.
1.39 deraadt 133: </ul>
1.155 deraadt 134: <p>
1.47 deraadt 135: <a name=mac68k></a>
1.435 naddy 136: <li><h3><font color="#e00000">mac68k</font></h3>
1.39 deraadt 137: <ul>
1.323 deraadt 138: <li>No problems identified yet.
1.25 deraadt 139: </ul>
1.155 deraadt 140: <p>
1.65 deraadt 141: <a name=sparc></a>
1.435 naddy 142: <li><h3><font color="#e00000">sparc</font></h3>
1.25 deraadt 143: <ul>
1.323 deraadt 144: <li>No problems identified yet.
1.39 deraadt 145: </ul>
1.177 deraadt 146: <p>
1.355 deraadt 147: <a name=sparc64></a>
1.435 naddy 148: <li><h3><font color="#e00000">sparc64</font></h3>
1.93 deraadt 149: <ul>
1.384 deraadt 150: <li>No problems identified yet.
1.25 deraadt 151: </ul>
1.155 deraadt 152: <p>
1.442 henning 153: <a name=hppa></a>
154: <li><h3><font color="#e00000">hppa</font></h3>
1.25 deraadt 155: <ul>
1.281 deraadt 156: <li>No problems identified yet.
1.25 deraadt 157: </ul>
1.155 deraadt 158: <p>
1.281 deraadt 159: <a name=hp300></a>
1.435 naddy 160: <li><h3><font color="#e00000">hp300</font></h3>
1.59 deraadt 161: <ul>
1.323 deraadt 162: <li>No problems identified yet.
1.59 deraadt 163: </ul>
1.155 deraadt 164: <p>
1.281 deraadt 165: <a name=mvme68k></a>
1.435 naddy 166: <li><h3><font color="#e00000">mvme68k</font></h3>
1.56 deraadt 167: <ul>
1.323 deraadt 168: <li>No problems identified yet.
1.56 deraadt 169: </ul>
1.155 deraadt 170: <p>
1.355 deraadt 171: <a name=macppc></a>
1.435 naddy 172: <li><h3><font color="#e00000">macppc</font></h3>
1.110 millert 173: <ul>
1.384 deraadt 174: <li>No problems identified yet.
1.385 hugh 175: </ul>
1.386 hugh 176: <p>
1.281 deraadt 177: <a name=vax></a>
1.435 naddy 178: <li><h3><font color="#e00000">vax</font></h3>
1.25 deraadt 179: <ul>
1.232 deraadt 180: <li>No problems identified yet.
1.25 deraadt 181: </ul>
1.144 deraadt 182:
1.197 deraadt 183: </dl>
1.25 deraadt 184: <br>
1.75 deraadt 185:
1.25 deraadt 186: <hr>
1.240 jason 187: <a href=stable.html>For OpenBSD patch branch information, please refer here.</a><br>
1.381 espie 188: <a href=pkg-stable.html>For important packages updates, please refer here.</a><br>
1.418 deraadt 189: <br>
1.419 deraadt 190: For errata on a certain release, click below:<br>
1.418 deraadt 191: <a href="errata21.html">2.1</a>,
192: <a href="errata22.html">2.2</a>,
193: <a href="errata23.html">2.3</a>,
194: <a href="errata24.html">2.4</a>,
195: <a href="errata25.html">2.5</a>,
196: <a href="errata26.html">2.6</a>,
197: <a href="errata27.html">2.7</a>,
198: <a href="errata28.html">2.8</a>,
199: <a href="errata29.html">2.9</a>,
200: <a href="errata30.html">3.0</a>,
1.440 deraadt 201: <a href="errata31.html">3.1</a>,
202: <a href="errata32.html">3.2</a>.
1.418 deraadt 203: <br>
204:
1.2 deraadt 205: <hr>
1.186 deraadt 206: <a href=index.html><img height=24 width=24 src=back.gif border=0 alt=OpenBSD></a>
1.435 naddy 207: <a href="mailto:www@openbsd.org">www@openbsd.org</a>
1.457 ! margarid 208: <br><small>$OpenBSD: errata.html,v 1.456 2003/10/04 17:54:20 margarida Exp $</small>
1.2 deraadt 209:
210: </body>
211: </html>