version 1.36, 2002/10/17 21:38:38 |
version 1.37, 2003/03/06 21:44:07 |
|
|
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML Strict//EN"> |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> |
<html> |
<html> |
<head> |
<head> |
<title>OpenBSD 2.2 errata</title> |
<title>OpenBSD 2.2 errata</title> |
<link rev=made href=mailto:www@openbsd.org> |
<link rev=made href="mailto:www@openbsd.org"> |
<meta name="resource-type" content="document"> |
<meta name="resource-type" content="document"> |
<meta name="description" content="the OpenBSD CD errata page"> |
<meta name="description" content="the OpenBSD CD errata page"> |
<meta name="keywords" content="openbsd,cd,errata"> |
<meta name="keywords" content="openbsd,cd,errata"> |
|
|
<BODY BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#23238E"> |
<BODY BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#23238E"> |
|
|
<a href="index.html"><img alt="[OpenBSD]" height="30" width="141" src="images/smalltitle.gif" border="0"></a> |
<a href="index.html"><img alt="[OpenBSD]" height="30" width="141" src="images/smalltitle.gif" border="0"></a> |
<h2><font color=#0000e0> |
<h2><font color="#0000e0"> |
This is the OpenBSD 2.2 release errata & patch list: |
This is the OpenBSD 2.2 release errata & patch list: |
</font></h2> |
</font></h2> |
|
|
|
|
<br> |
<br> |
<hr> |
<hr> |
|
|
<a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.2.tar.gz> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.2.tar.gz"> |
You can also fetch a tar.gz file containing all the following patches</a>. |
You can also fetch a tar.gz file containing all the following patches</a>. |
This file is updated once a day. |
This file is updated once a day. |
|
|
|
|
|
|
<dl> |
<dl> |
<a name=all></a> |
<a name=all></a> |
<li><h3><font color=#e00000>All architectures</font></h3> |
<li><h3><font color="#e00000">All architectures</font></h3> |
<ul> |
<ul> |
<a name=ipsec></a> |
<a name=ipsec></a> |
<li><font color=#009000><strong>SECURITY FIX</strong></font><br> |
<li><font color="#009000"><strong>SECURITY FIX</strong></font><br> |
If IPSEC communication is attempted by starting photurisd(8) (which is |
If IPSEC communication is attempted by starting photurisd(8) (which is |
disabled by default), a system crash may be evoked from remote if |
disabled by default), a system crash may be evoked from remote if |
an attacker uses some classes of invalid packets. |
an attacker uses some classes of invalid packets. |
<a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.3/common/ipsec.patch> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.3/common/ipsec.patch"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
<a name=xterm-xaw></a> |
<a name=xterm-xaw></a> |
<li><font color=#009000><strong>SECURITY FIX</strong></font><br> |
<li><font color="#009000"><strong>SECURITY FIX</strong></font><br> |
As stated in CERT advisory VB-98.04, there are buffer |
As stated in CERT advisory VB-98.04, there are buffer |
overrun problems in <strong>xterm</strong> related to the input-Method, |
overrun problems in <strong>xterm</strong> related to the input-Method, |
preeditType, and *Keymap resources. Additional buffer overruns exist in |
preeditType, and *Keymap resources. Additional buffer overruns exist in |
|
|
a security vulnerability for any setuid-root program that uses the Xaw |
a security vulnerability for any setuid-root program that uses the Xaw |
library (including xterm). Patch1 from XFree86 3.3.2 corrects |
library (including xterm). Patch1 from XFree86 3.3.2 corrects |
these problems. |
these problems. |
<a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.2/common/xterm-xaw.patch> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.2/common/xterm-xaw.patch"> |
We provide a version of this patch file specifically for the OpenBSD 2.2 tree</a>. |
We provide a version of this patch file specifically for the OpenBSD 2.2 tree</a>. |
<p> |
<p> |
<a name=rmjob></a> |
<a name=rmjob></a> |
<li><font color=#009000><strong>SECURITY FIX</strong></font><br> |
<li><font color="#009000"><strong>SECURITY FIX</strong></font><br> |
An exploitable buffer mismanagement exists in a subroutine used by |
An exploitable buffer mismanagement exists in a subroutine used by |
lprm and lpd. The problem is exploitable by users on a particular |
lprm and lpd. The problem is exploitable by users on a particular |
machine if there is an entry in <strong>/etc/printcap</strong> which |
machine if there is an entry in <strong>/etc/printcap</strong> which |
points at a remote printer. |
points at a remote printer. |
<a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.2/common/rmjob.patch> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.2/common/rmjob.patch"> |
A patch is available which corrects this behaviour</a>. |
A patch is available which corrects this behaviour</a>. |
<p> |
<p> |
<a name=uucpd></a> |
<a name=uucpd></a> |
<li><font color=#009000><strong>SECURITY FIX</strong></font><br> |
<li><font color="#009000"><strong>SECURITY FIX</strong></font><br> |
A DNS-based vulnerability exists when uucpd is used. By default uucpd |
A DNS-based vulnerability exists when uucpd is used. By default uucpd |
is not enabled in the OpenBSD releases, but some sites may have enabled it. |
is not enabled in the OpenBSD releases, but some sites may have enabled it. |
<a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.2/common/uucpd.patch> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.2/common/uucpd.patch"> |
A patch is available which corrects this behaviour</a>. |
A patch is available which corrects this behaviour</a>. |
<p> |
<p> |
<a name=named></a> |
<a name=named></a> |
<li><font color=#009000><strong>SECURITY FIX</strong></font><br> |
<li><font color="#009000"><strong>SECURITY FIX</strong></font><br> |
A vulnerability exists when (and only when) /etc/named.conf has the |
A vulnerability exists when (and only when) /etc/named.conf has the |
<strong>fake-iquery</strong> option enabled. |
<strong>fake-iquery</strong> option enabled. |
<a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.2/common/named.patch> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.2/common/named.patch"> |
A patch is available which corrects this behaviour</a>. |
A patch is available which corrects this behaviour</a>. |
<p> |
<p> |
<a name=ping></a> |
<a name=ping></a> |
<li><font color=#009000><strong>SECURITY FIX</strong></font><br> |
<li><font color="#009000"><strong>SECURITY FIX</strong></font><br> |
A vulnerability exists in ping(8); if the -R option is used to record |
A vulnerability exists in ping(8); if the -R option is used to record |
routes, an attacker can spoof a reply packet that will overflow inside |
routes, an attacker can spoof a reply packet that will overflow inside |
ping. Preliminary investigation makes it look the worst attack |
ping. Preliminary investigation makes it look the worst attack |
possible is to make ping crash, but one never knows... |
possible is to make ping crash, but one never knows... |
<a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.2/common/ping.patch> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.2/common/ping.patch"> |
A patch is available which corrects this behaviour</a>. |
A patch is available which corrects this behaviour</a>. |
<p> |
<p> |
<a name=sourceroute></a> |
<a name=sourceroute></a> |
<li><strong><font color=#009000>SECURITY FIX</font></strong><br> |
<li><strong><font color="#009000">SECURITY FIX</font></strong><br> |
If the sysctl variable <strong>net.inet.ip.forwarding</strong> is |
If the sysctl variable <strong>net.inet.ip.forwarding</strong> is |
enabled (value 1), but the variable <strong>net.inet.ip.sourceroute</strong> |
enabled (value 1), but the variable <strong>net.inet.ip.sourceroute</strong> |
is disabled (value 0), the kernel will block source routed packets from |
is disabled (value 0), the kernel will block source routed packets from |
|
|
itself. Our fix changes the <strong>net.inet.ip.sourceroute</strong> |
itself. Our fix changes the <strong>net.inet.ip.sourceroute</strong> |
variable semantics to mean that all source routed packets should |
variable semantics to mean that all source routed packets should |
be blocked completely. |
be blocked completely. |
<a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.2/common/sourceroute.patch> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.2/common/sourceroute.patch"> |
A kernel patch is provided</a>. |
A kernel patch is provided</a>. |
<p> |
<p> |
<a name=ruserok></a> |
<a name=ruserok></a> |
<li><font color=#009000><strong>SECURITY FIX</strong></font><br> |
<li><font color="#009000"><strong>SECURITY FIX</strong></font><br> |
A combination localhost+remote host security problem exists if a |
A combination localhost+remote host security problem exists if a |
local user running a setuid binary causes a non-existent root .rhosts |
local user running a setuid binary causes a non-existent root .rhosts |
file to be created via a symbolic link with a specific kind of corefile, |
file to be created via a symbolic link with a specific kind of corefile, |
|
|
<p> |
<p> |
<ul> |
<ul> |
<li> |
<li> |
<a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.2/common/nosuidcoredump.patch> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.2/common/nosuidcoredump.patch"> |
(1) A kernel patch which adds a new sysctl option which permits the |
(1) A kernel patch which adds a new sysctl option which permits the |
administrator to decide whether setuid corefiles should be written or not</a>. |
administrator to decide whether setuid corefiles should be written or not</a>. |
<p> |
<p> |
<li><a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.2/common/rcmd.patch> |
<li><a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.2/common/rcmd.patch"> |
(2) Replaces the libc ruserok() function with a more paranoid |
(2) Replaces the libc ruserok() function with a more paranoid |
version which detects bogus looking .rhosts files better.</a> |
version which detects bogus looking .rhosts files better.</a> |
</ul> |
</ul> |
|
|
ssh 1.2.21 and previous (the ssh people have been alerted). |
ssh 1.2.21 and previous (the ssh people have been alerted). |
<p> |
<p> |
<a name=mmap></a> |
<a name=mmap></a> |
<li><strong><font color=#009000>SECURITY FIX</font></strong><br> |
<li><strong><font color="#009000">SECURITY FIX</font></strong><br> |
A bug in the vm system permits a file descriptor opened read-only on a |
A bug in the vm system permits a file descriptor opened read-only on a |
device, to later on be mmap(2)'d read-write, and then modified. This |
device, to later on be mmap(2)'d read-write, and then modified. This |
does not result in a security hole by itself, but it does violate the |
does not result in a security hole by itself, but it does violate the |
safety semantics which securelevels are supposed to provide. If a user |
safety semantics which securelevels are supposed to provide. If a user |
manages to gain kmem group permissions, using this problem they can then |
manages to gain kmem group permissions, using this problem they can then |
gain root trivially and/or turn securelevels off. |
gain root trivially and/or turn securelevels off. |
<a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.2/common/vm_mmap.patch> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.2/common/vm_mmap.patch"> |
A kernel patch is available which corrects this behaviour (this is |
A kernel patch is available which corrects this behaviour (this is |
revision 3 of this patch)</a>. |
revision 3 of this patch)</a>. |
<p> |
<p> |
<li><font color=#009000><strong>BUILD PROCESS FIX</strong></font><br> |
<li><font color="#009000"><strong>BUILD PROCESS FIX</strong></font><br> |
Building an object tree from a read-only source tree (such as off a CDROM) |
Building an object tree from a read-only source tree (such as off a CDROM) |
may fail under certain circumstances (e.g. when creating a symlink on sparc |
may fail under certain circumstances (e.g. when creating a symlink on sparc |
whose target name is exactly 33 characters). As a workaround you have to |
whose target name is exactly 33 characters). As a workaround you have to |
either provide the source tree read/write, or install a newer version of |
either provide the source tree read/write, or install a newer version of |
/usr/bin/readlink. |
/usr/bin/readlink. |
<a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.2/common/readlink.c> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.2/common/readlink.c"> |
A replacement source file exists</a>. |
A replacement source file exists</a>. |
<p> |
<p> |
<a name=mountd></a> |
<a name=mountd></a> |
<li><font color=#009000><strong>SECURITY FIX</strong></font><br> |
<li><font color="#009000"><strong>SECURITY FIX</strong></font><br> |
If a line in /etc/exports which contains hostnames results in an empty |
If a line in /etc/exports which contains hostnames results in an empty |
list because none of the supplied hostnames is known, mountd(8) will |
list because none of the supplied hostnames is known, mountd(8) will |
accidentally export the filesystem to the world. |
accidentally export the filesystem to the world. |
<a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.2/common/mountd.patch> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.2/common/mountd.patch"> |
A patch is available which corrects this behaviour</a>. |
A patch is available which corrects this behaviour</a>. |
<p> |
<p> |
<li><font color=#009000><strong>RELIABILITY FIX</strong></font><br> |
<li><font color="#009000"><strong>RELIABILITY FIX</strong></font><br> |
Setting the MSG_EOR flag on a tcp packet in the send(2) family of |
Setting the MSG_EOR flag on a tcp packet in the send(2) family of |
system calls could cause a kernel panic. |
system calls could cause a kernel panic. |
<a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.2/common/send.patch> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.2/common/send.patch"> |
A patch</a> to return EINVAL in this case is available. |
A patch</a> to return EINVAL in this case is available. |
<p> |
<p> |
</ul> |
</ul> |
<a name=i386></a> |
<a name=i386></a> |
<li><h3><font color=#e00000>i386</font></h3> |
<li><h3><font color="#e00000">i386</font></h3> |
<ul> |
<ul> |
<a name=f00f></a> |
<a name=f00f></a> |
<li><font color=#009000><strong>RELIABILITY FIX</strong></font><br> |
<li><font color="#009000"><strong>RELIABILITY FIX</strong></font><br> |
The Intel P5 F00F bug was discovered after the CDRs had already been |
The Intel P5 F00F bug was discovered after the CDRs had already been |
sent to the manufacturer. This problem permits any user who has an account |
sent to the manufacturer. This problem permits any user who has an account |
to lock your machine up using a 4-line program. The problem only affects |
to lock your machine up using a 4-line program. The problem only affects |
Intel P5 processors (the i386, i486, P-Pro, and P-II are not vulnerable, |
Intel P5 processors (the i386, i486, P-Pro, and P-II are not vulnerable, |
nor are processors by other manufacturers). |
nor are processors by other manufacturers). |
<a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.2/i386/f00f.patch> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.2/i386/f00f.patch"> |
A kernel source-code patch is available</a>. |
A kernel source-code patch is available</a>. |
<p> |
<p> |
<li><font color=#009000><strong>FUNCTIONALITY FIX</strong></font><br> |
<li><font color="#009000"><strong>FUNCTIONALITY FIX</strong></font><br> |
Some Linux binaries will execute in SVR4 emulation mode, which is |
Some Linux binaries will execute in SVR4 emulation mode, which is |
definitely a problem for people who need Linux emulation to work correctly. |
definitely a problem for people who need Linux emulation to work correctly. |
To solve this mis-identification problem, |
To solve this mis-identification problem, |
<a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.2/i386/compat_linux.patch> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.2/i386/compat_linux.patch"> |
a patch file is provided</a>. |
a patch file is provided</a>. |
<p> |
<p> |
<li><font color=#009000><strong>RELIABILITY FIX</strong></font><br> |
<li><font color="#009000"><strong>RELIABILITY FIX</strong></font><br> |
APM can crash on machines without it. |
APM can crash on machines without it. |
<a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.2/i386/apm.patch> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.2/i386/apm.patch"> |
A kernel source-code patch is available</a>. |
A kernel source-code patch is available</a>. |
<p> |
<p> |
<li><font color=#009000><strong>INSTALLATION PROCESS FLAW</strong></font><br> |
<li><font color="#009000"><strong>INSTALLATION PROCESS FLAW</strong></font><br> |
A few people are running into this problem, particularly if they had some |
A few people are running into this problem, particularly if they had some |
other *BSD operating system on their machine before trying OpenBSD: if after |
other *BSD operating system on their machine before trying OpenBSD: if after |
installation onto an IDE-based machine, the kernel fails to mount the root |
installation onto an IDE-based machine, the kernel fails to mount the root |
|
|
<p> |
<p> |
</ul> |
</ul> |
<a name=mac68k></a> |
<a name=mac68k></a> |
<li><h3><font color=#e00000>mac68k</font></h3> |
<li><h3><font color="#e00000">mac68k</font></h3> |
<ul> |
<ul> |
<li><font color=#009000><strong>NEW SOFTWARE</strong></font><br> |
<li><font color="#009000"><strong>NEW SOFTWARE</strong></font><br> |
Unfortunately, X11 binaries for the mac68k did not manage to make it onto the |
Unfortunately, X11 binaries for the mac68k did not manage to make it onto the |
CDROM. However, X11 for the mac68k is immediately available from |
CDROM. However, X11 for the mac68k is immediately available from |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/2.2/mac68k/X11/X11R6.tar.gz"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/2.2/mac68k/X11/X11R6.tar.gz"> |
|
|
be sure to read the <a href="ftp://ftp.openbsd.org/pub/OpenBSD/2.2/mac68k/X11/README.X11">README file</a> also in that directory for instructions on installing |
be sure to read the <a href="ftp://ftp.openbsd.org/pub/OpenBSD/2.2/mac68k/X11/README.X11">README file</a> also in that directory for instructions on installing |
and setting up X. |
and setting up X. |
<p> |
<p> |
<li><font color=#009000><strong>INSTALLATION PROCESS FLAW</strong></font><br> |
<li><font color="#009000"><strong>INSTALLATION PROCESS FLAW</strong></font><br> |
As shipped on the CDROM, both the |
As shipped on the CDROM, both the |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/2.2/mac68k/bsd-generic.tar.gz"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/2.2/mac68k/bsd-generic.tar.gz"> |
generic kernel</a> |
generic kernel</a> |
|
|
<p> |
<p> |
</ul> |
</ul> |
<a name=sparc></a> |
<a name=sparc></a> |
<li><h3><font color=#e00000>sparc</font></h3> |
<li><h3><font color="#e00000">sparc</font></h3> |
<ul> |
<ul> |
<li><font color=#009000><strong>RELIABILITY FIX</strong></font><br> |
<li><font color="#009000"><strong>RELIABILITY FIX</strong></font><br> |
Older 4/xxx systems (particularly the 4/300's) cannot boot |
Older 4/xxx systems (particularly the 4/300's) cannot boot |
with the 2.2 kernel due to bugs in the scsi device driver. |
with the 2.2 kernel due to bugs in the scsi device driver. |
<a href=ftp://ftp.OpenBSD.org/pub/OpenBSD/patches/2.2/sparc/esp.patch> |
<a href="ftp://ftp.OpenBSD.org/pub/OpenBSD/patches/2.2/sparc/esp.patch"> |
A kernel source patch is available</a>. |
A kernel source patch is available</a>. |
Replacement kernels are available for: |
Replacement kernels are available for: |
<a href=ftp://ftp.OpenBSD.org/pub/OpenBSD/patches/2.2/sparc/bsd>bsd</a>, |
<a href="ftp://ftp.OpenBSD.org/pub/OpenBSD/patches/2.2/sparc/bsd">bsd</a>, |
<a href=ftp://ftp.OpenBSD.org/pub/OpenBSD/patches/2.2/sparc/bsd.scsi3>bsd.scsi3</a>, |
<a href="ftp://ftp.OpenBSD.org/pub/OpenBSD/patches/2.2/sparc/bsd.scsi3">bsd.scsi3</a>, |
and a replacement for bsd.rd is coming soon. |
and a replacement for bsd.rd is coming soon. |
<p> |
<p> |
<a name=sparciommu></a> |
<a name=sparciommu></a> |
<li><font color=#009000><strong>RELIABILITY FIX</strong></font><br> |
<li><font color="#009000"><strong>RELIABILITY FIX</strong></font><br> |
SPARCstation 4 and 5 (Microsparc 2) users may see kernel panics when |
SPARCstation 4 and 5 (Microsparc 2) users may see kernel panics when |
using a custom kernel configured for option sun4m only. |
using a custom kernel configured for option sun4m only. |
<a href=ftp://ftp.OpenBSD.org/pub/OpenBSD/patches/2.2/sparc/sun4m.patch> |
<a href="ftp://ftp.OpenBSD.org/pub/OpenBSD/patches/2.2/sparc/sun4m.patch"> |
A workaround (kernel source patch) is available</a>. Apply the patch and |
A workaround (kernel source patch) is available</a>. Apply the patch and |
then re-build your kernel. |
then re-build your kernel. |
<p> |
<p> |
</ul> |
</ul> |
<li><h3><font color=#e00000>amiga</font></h3> |
<li><h3><font color="#e00000">amiga</font></h3> |
<p> |
<p> |
<ul> |
<ul> |
<li><font color=#009000><strong>FUNCTIONALITY FIX</strong></font><br> |
<li><font color="#009000"><strong>FUNCTIONALITY FIX</strong></font><br> |
Missing Xamiga manual pages. Get |
Missing Xamiga manual pages. Get |
<a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.2/amiga/Xamiga-manual.tgz> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.2/amiga/Xamiga-manual.tgz"> |
this package</a> and execute, <i>as root</i>:<br> |
this package</a> and execute, <i>as root</i>:<br> |
<strong><b># </b>pkg_add Xamiga-manual.tgz</strong><br> |
<strong><b># </b>pkg_add Xamiga-manual.tgz</strong><br> |
The MD5 checksum of this package is:<br> |
The MD5 checksum of this package is:<br> |
<b>MD5 (Xamiga-manual.tgz) = 2362a7857264b9d17f65cca258b42031</b><p> |
<b>MD5 (Xamiga-manual.tgz) = 2362a7857264b9d17f65cca258b42031</b><p> |
<li><font color=#009000><strong>FUNCTIONALITY FIX</strong></font><br> |
<li><font color="#009000"><strong>FUNCTIONALITY FIX</strong></font><br> |
The Ariadne ethernet support was broken, there will be both binary and |
The Ariadne ethernet support was broken, there will be both binary and |
source level fixes available shortly. If you are in a hurry mail |
source level fixes available shortly. If you are in a hurry mail |
<a href=mailto:niklas@openbsd.org>Niklas</a> for a test kernel.<p> |
<a href="mailto:niklas@openbsd.org">Niklas</a> for a test kernel.<p> |
</ul> |
</ul> |
<a name=pmax></a> |
<a name=pmax></a> |
<li><h3><font color=#e00000>pmax</font></h3> |
<li><h3><font color="#e00000">pmax</font></h3> |
<ul> |
<ul> |
<li><font color=#009000><strong>FUNCTIONALITY FIX</strong></font><br> |
<li><font color="#009000"><strong>FUNCTIONALITY FIX</strong></font><br> |
There is a Year-1998 problem in the time-setting code (which causes the |
There is a Year-1998 problem in the time-setting code (which causes the |
date and time to be set incorrectly after a reboot in 1998). |
date and time to be set incorrectly after a reboot in 1998). |
<a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.2/pmax/clock.patch> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.2/pmax/clock.patch"> |
A source code patch file is available</a> plus replacement installation |
A source code patch file is available</a> plus replacement installation |
kernels for the 2.2 release at |
kernels for the 2.2 release at |
<a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.2/pmax/bsd.NFS>bsd.NFS</a>, |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.2/pmax/bsd.NFS">bsd.NFS</a>, |
<a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.2/pmax/bsd>bsd</a>, |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.2/pmax/bsd">bsd</a>, |
<a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.2/pmax/bsd.rz0>bsd.rz0</a>. |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.2/pmax/bsd.rz0">bsd.rz0</a>. |
<p> |
<p> |
<li><font color=#009000><strong>FUNCTIONALITY FIX</strong></font><br> |
<li><font color="#009000"><strong>FUNCTIONALITY FIX</strong></font><br> |
X11 support for the 3min and 3maxplus machines was broken |
X11 support for the 3min and 3maxplus machines was broken |
due to a kernel bug. |
due to a kernel bug. |
<a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.2/pmax/fb.patch> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.2/pmax/fb.patch"> |
A source code patch is available</a>. |
A source code patch is available</a>. |
<p> |
<p> |
<a name=ldso></a> |
<a name=ldso></a> |
<li><font color=#009000><strong>SECURITY FIX</strong></font><br> |
<li><font color="#009000"><strong>SECURITY FIX</strong></font><br> |
A security problem in the shared library linker <strong>ld.so</strong> |
A security problem in the shared library linker <strong>ld.so</strong> |
requires that you replace it with a new binary. The following binary |
requires that you replace it with a new binary. The following binary |
will work on both pmax and arc machines. |
will work on both pmax and arc machines. |
<a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.2/pmax/ld.so> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.2/pmax/ld.so"> |
The replacement binary is here</a>. |
The replacement binary is here</a>. |
<p> |
<p> |
</ul> |
</ul> |
<a name=arc></a> |
<a name=arc></a> |
<li><h3><font color=#e00000>arc</font></h3> |
<li><h3><font color="#e00000">arc</font></h3> |
<ul> |
<ul> |
<li><font color=#009000><strong>SECURITY FIX</strong></font><br> |
<li><font color="#009000"><strong>SECURITY FIX</strong></font><br> |
A security problem in the shared library linker <strong>ld.so</strong> requires |
A security problem in the shared library linker <strong>ld.so</strong> requires |
that you replace it with a new binary. The following binary |
that you replace it with a new binary. The following binary |
will work on both pmax and arc machines. |
will work on both pmax and arc machines. |
<a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.2/pmax/ld.so> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.2/pmax/ld.so"> |
The replacement binary is here</a>. |
The replacement binary is here</a>. |
<p> |
<p> |
</ul> |
</ul> |
<li><h3><font color=#e00000>alpha</font></h3> |
<li><h3><font color="#e00000">alpha</font></h3> |
<p> |
<p> |
<ul> |
<ul> |
<li><font color=#009000><strong>MISSING FUNCTIONALITY</strong></font><br> |
<li><font color="#009000"><strong>MISSING FUNCTIONALITY</strong></font><br> |
Network Address Translation and other parts of IP Filtering do not work |
Network Address Translation and other parts of IP Filtering do not work |
on the alpha. This will be fixed in the 2.3 release, and perhaps earlier |
on the alpha. This will be fixed in the 2.3 release, and perhaps earlier |
in a snapshot. There is no patch for 2.2. |
in a snapshot. There is no patch for 2.2. |
<p> |
<p> |
</ul> |
</ul> |
<li><h3><font color=#e00000>hp300</font></h3> |
<li><h3><font color="#e00000">hp300</font></h3> |
<p> |
<p> |
<ul> |
<ul> |
<li>No problems identified yet. |
<li>No problems identified yet. |
<p> |
<p> |
</ul> |
</ul> |
<li><h3><font color=#e00000>mvme68k</font></h3> |
<li><h3><font color="#e00000">mvme68k</font></h3> |
<ul> |
<ul> |
<li>No problems identified yet. |
<li>No problems identified yet. |
<p> |
<p> |
|
|
|
|
<hr> |
<hr> |
<a href=index.html><img height=24 width=24 src=back.gif border=0 alt=OpenBSD></a> |
<a href=index.html><img height=24 width=24 src=back.gif border=0 alt=OpenBSD></a> |
<a href=mailto:www@openbsd.org>www@openbsd.org</a> |
<a href="mailto:www@openbsd.org">www@openbsd.org</a> |
<br><small>$OpenBSD$</small> |
<br><small>$OpenBSD$</small> |
|
|
</body> |
</body> |