File: [local] / www / errata.html (download) (as text)
Revision 1.288, Fri Dec 8 16:53:08 2000 UTC (23 years, 5 months ago) by deraadt
Branch: MAIN
Changes since 1.287: +3 -3 lines
oops, numbering issue
|
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML Strict//EN">
<html>
<head>
<title>OpenBSD 2.8 errata</title>
<link rev=made href=mailto:www@openbsd.org>
<meta name="resource-type" content="document">
<meta name="description" content="the OpenBSD CD errata page">
<meta name="keywords" content="openbsd,cd,errata">
<meta name="distribution" content="global">
<meta name="copyright" content="This document copyright 1997-1998 by OpenBSD.">
</head>
<BODY BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#23238E">
<img alt="[OpenBSD]" height=30 width=141 SRC="images/smalltitle.gif">
<h2><font color=#0000e0>
This is the OpenBSD 2.8 release errata & patch list:
</font></h2>
<hr>
<a href=stable.html>For OpenBSD patch branch information, please refer here.</a><br>
<a href=errata21.html>For 2.1 errata, please refer here</a>.<br>
<a href=errata22.html>For 2.2 errata, please refer here</a>.<br>
<a href=errata23.html>For 2.3 errata, please refer here</a>.<br>
<a href=errata24.html>For 2.4 errata, please refer here</a>.<br>
<a href=errata25.html>For 2.5 errata, please refer here</a>.<br>
<a href=errata26.html>For 2.6 errata, please refer here</a>.<br>
<a href=errata27.html>For 2.7 errata, please refer here</a>.<br>
<hr>
<a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.8.tar.gz>
You can also fetch a tar.gz file containing all the following patches</a>.
This file is updated once a day.
<p> The patches below are available in CVS via the
<code>OPENBSD_2_8</code> <a href="stable.html">patch branch</a>.
<p>
For more detailed information on install patches to OpenBSD, please
consult the <a href="./faq/faq10.html#10.14">OpenBSD FAQ</a>.
<hr>
<dl>
<a name=all></a>
<li><h3><font color=#e00000>All architectures</font></h3>
<ul>
<a name=kerberos></a>
<li><font color=#009000><strong>008: SECURITY FIX: Dec 7, 2000</strong></font><br>
Two problems have recently been discovered in the KerberosIV code.<p>
1. A symlink problem was discovered in the KerberosIV password checking
routines /usr/bin/su and /usr/bin/login, which makes it possible for a
local user to overwrite any file on the local machine.<p>
2. It is possible to specify environment variables in telnet
which will be passed over the to the remote host. This makes it
possible to set environment variables on the remote side, including
ones that have special meaning on the server. It is not clear at this
time what the impact is, but we recommend everyone to upgrade their
machines immediatly.<p>
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.8/common/008_kerberos.patch">
A source code patch exists which remedies the problem.</a>
<p>
<a name=ftpd></a>
<li><font color=#009000><strong>005: SECURITY FIX: Dec 4, 2000</strong></font><br>
OpenBSD 2.8's ftpd contains a one-byte overflow in the replydirname() function.<br>
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.8/common/005_ftpd.patch">
A source code patch exists which remedies the problem.</a>
<p>
<a name=rijndael> </a>
<li><font color=#009000><strong>004: RELIABILITY FIX: Nov 17, 2000</strong></font><br>
AES (rijndael) encryption and decryption were broken for IPSec and swap
encryption.<br>
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.8/common/004_rijndael.patch">
A source code patch exists which remedies the problem.</a>
<p>
<li><font color=#009000><strong>002: IMPLEMENTATION FIX: Nov 10, 2000</strong></font><br>
In ssh(1), skey support for SSH1 protocol was broken. Some people might consider
that kind of important.<br>
<a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.8/common/002_sshskey.patch>
A source code patch exists which remedies this problem.</a>
</ul>
<p>
<a name=i386></a>
<li><h3><font color=#e00000>i386</font></h3>
<ul>
<a name=pcibios></a>
<li><font color=#009000><strong>006: STABILITY FIX: Dec 4, 2000</strong></font><br>
On some machines, a PCIBIOS device driver interrupt allocation bug can cause a
kernel hang while probing PCI devices. If you have this symptom, you can disable
PCIBIOS as a workaround. To do this,
<ul>
<li>Enter the User Kernel Configuration by booting with the
option "boot -c".
<li>Once at the <i>UKC></i> prompt, enter <pre><tt>
UKC> disable pcibios
UKC> quit
</tt></pre>
<li>See <a href="./faq/faq5.html#5.6">FAQ 5.6</a> after a successful
boot for instructions on how to re-write your kernel to disable PCIBIOS
permanently.
</ul>
<p>
</ul>
<p>
<a name=mac68k></a>
<li><h3><font color=#e00000>mac68k</font></h3>
<ul>
<a name=x_mac68k></a>
<li><font color=#009000><strong>007: INSTALL PROBLEM: Dec 4, 2000</strong></font><br>
The X packages
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/2.8/mac68k/xshare28.tgz">share28.tgz</a>
and
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/2.8/mac68k/xfont28.tgz">font28.tgz</a>
were not on the CD, and only available via FTP install. These packages can be
added post-install by using the following command:
<tt><pre>
# cd /; tar xvfpz xshare28.tgz
# cd /; tar xvfpz xfont28.tgz
</pre></tt>
</ul>
<p>
<a name=sparc></a>
<li><h3><font color=#e00000>sparc</font></h3>
<ul>
<a name=x_sparc></a>
<li><font color=#009000><strong>007: INSTALL PROBLEM: Dec 4, 2000</strong></font><br>
The X packages
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/2.8/sparc/xshare28.tgz">share28.tgz</a>
and
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/2.8/sparc/xfont28.tgz">font28.tgz</a>
were not on the CD, and only available via FTP install. These packages can be
added post-install by using the following command:
<tt><pre>
# cd /; tar xvfpz xshare28.tgz
# cd /; tar xvfpz xfont28.tgz
</pre></tt>
<p>
<a name=qe></a>
<li><font color=#009000><strong>003: RELIABILITY FIX: Nov 17, 2000</strong></font><br>
Configuring a qec+qe causes a NMI panic.<br>
<a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.8/sparc/003_qe.patch>
A source code patch exists which remedies this problem.</a>
<p>
<a name=zsconsole> </a>
<li><font color=#009000><strong>001: RELIABILITY FIX: Nov 10, 2000</strong></font><br>
When running a sparc with a serial console, certain types of interrupts would
cause great grief.<br>
<a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.8/sparc/001_zsconsole.patch>
A source code patch exists which remedies this problem.</a>
</ul>
<p>
<a name=amiga></a>
<li><h3><font color=#e00000>amiga</font></h3>
<ul>
<a name=x_amiga></a>
<li><font color=#009000><strong>007: INSTALL PROBLEM: Dec 4, 2000</strong></font><br>
The X packages
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/2.8/amiga/xshare28.tgz">share28.tgz</a>
and
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/2.8/amiga/xfont28.tgz">font28.tgz</a>
were not on the CD, and only available via FTP install. These packages can be
added post-install by using the following command:
<tt><pre>
# cd /; tar xvfpz xshare28.tgz
# cd /; tar xvfpz xfont28.tgz
</pre></tt>
</ul>
<p>
<a name=pmax></a>
<li><h3><font color=#e00000>pmax</font></h3>
<ul>
<li>No problems identified yet.
</ul>
<p>
<a name=hp300></a>
<li><h3><font color=#e00000>hp300</font></h3>
<ul>
<a name=x_hp300></a>
<li><font color=#009000><strong>007: INSTALL PROBLEM: Dec 4, 2000</strong></font><br>
The X packages
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/2.8/hp300/xshare28.tgz">share28.tgz</a>
and
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/2.8/hp300/xfont28.tgz">font28.tgz</a>
were not on the CD, and only available via FTP install. These packages can be
added post-install by using the following command:
<tt><pre>
# cd /; tar xvfpz xshare28.tgz
# cd /; tar xvfpz xfont28.tgz
</pre></tt>
</ul>
<p>
<a name=mvme68k></a>
<li><h3><font color=#e00000>mvme68k</font></h3>
<ul>
<a name=x_mvme68k></a>
<li><font color=#009000><strong>007: INSTALL PROBLEM: Dec 4, 2000</strong></font><br>
The X packages
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/2.8/mvme68k/xshare28.tgz">share28.tgz</a>
and
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/2.8/mvme68k/xfont28.tgz">font28.tgz</a>
were not on the CD, and only available via FTP install. These packages can be
added post-install by using the following command:
<tt><pre>
# cd /; tar xvfpz xshare28.tgz
# cd /; tar xvfpz xfont28.tgz
</pre></tt>
</ul>
<p>
<a name=powerpc></a>
<li><h3><font color=#e00000>powerpc</font></h3>
<ul>
<li>No problems identified yet.
</ul>
<p>
<a name=vax></a>
<li><h3><font color=#e00000>vax</font></h3>
<ul>
<li>No problems identified yet.
</ul>
<p>
<a name=sun3></a>
<li><h3><font color=#e00000>sun3</font></h3>
<ul>
<a name=x_sun3></a>
<li><font color=#009000><strong>007: INSTALL PROBLEM: Dec 4, 2000</strong></font><br>
The X packages
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/2.8/sun3/xshare28.tgz">share28.tgz</a>
and
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/2.8/sun3/xfont28.tgz">font28.tgz</a>
were not on the CD, and only available via FTP install. These packages can be
added post-install by using the following command:
<tt><pre>
# cd /; tar xvfpz xshare28.tgz
# cd /; tar xvfpz xfont28.tgz
</pre></tt>
</ul>
</dl>
<br>
<hr>
<a href=stable.html>For OpenBSD patch branch information, please refer here.</a><br>
<a href=errata21.html>For 2.1 errata, please refer here</a>.<br>
<a href=errata22.html>For 2.2 errata, please refer here</a>.<br>
<a href=errata23.html>For 2.3 errata, please refer here</a>.<br>
<a href=errata24.html>For 2.4 errata, please refer here</a>.<br>
<a href=errata25.html>For 2.5 errata, please refer here</a>.<br>
<a href=errata26.html>For 2.6 errata, please refer here</a>.<br>
<a href=errata27.html>For 2.7 errata, please refer here</a>.<br>
<hr>
<a href=index.html><img height=24 width=24 src=back.gif border=0 alt=OpenBSD></a>
<a href=mailto:www@openbsd.org>www@openbsd.org</a>
<br><small>$OpenBSD: errata.html,v 1.288 2000/12/08 16:53:08 deraadt Exp $</small>
</body>
</html>
![[BACK]](/icons/back.gif){kind=icon}
Return to errata.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www