===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata22.html,v
retrieving revision 1.58
retrieving revision 1.59
diff -c -r1.58 -r1.59
*** www/errata22.html 2010/03/08 21:53:37 1.58
--- www/errata22.html 2010/07/08 19:00:07 1.59
***************
*** 52,58 ****
!
You can also fetch a tar.gz file containing all the following patches.
This file is updated once a day.
--- 52,58 ----
!
You can also fetch a tar.gz file containing all the following patches.
This file is updated once a day.
***************
*** 70,76 ****
If IPSEC communication is attempted by starting photurisd(8) (which is
disabled by default), a system crash may be evoked from remote if
an attacker uses some classes of invalid packets.
!
A source code patch exists which remedies this problem.
--- 70,76 ----
If IPSEC communication is attempted by starting photurisd(8) (which is
disabled by default), a system crash may be evoked from remote if
an attacker uses some classes of invalid packets.
!
A source code patch exists which remedies this problem.
***************
*** 85,91 ****
a security vulnerability for any setuid-root program that uses the Xaw
library (including xterm). Patch1 from XFree86 3.3.2 corrects
these problems.
!
We provide a version of this patch file specifically for the OpenBSD 2.2 tree.
--- 85,91 ----
a security vulnerability for any setuid-root program that uses the Xaw
library (including xterm). Patch1 from XFree86 3.3.2 corrects
these problems.
!
We provide a version of this patch file specifically for the OpenBSD 2.2 tree.
***************
*** 94,114 ****
lprm and lpd. The problem is exploitable by users on a particular
machine if there is an entry in /etc/printcap which
points at a remote printer.
!
A patch is available which corrects this behaviour.
SECURITY FIX
A DNS-based vulnerability exists when uucpd is used. By default uucpd
is not enabled in the OpenBSD releases, but some sites may have enabled it.
!
A patch is available which corrects this behaviour.
SECURITY FIX
A vulnerability exists when (and only when) /etc/named.conf has the
fake-iquery option enabled.
!
A patch is available which corrects this behaviour.
--- 94,114 ----
lprm and lpd. The problem is exploitable by users on a particular
machine if there is an entry in /etc/printcap which
points at a remote printer.
!
A patch is available which corrects this behaviour.
SECURITY FIX
A DNS-based vulnerability exists when uucpd is used. By default uucpd
is not enabled in the OpenBSD releases, but some sites may have enabled it.
!
A patch is available which corrects this behaviour.
SECURITY FIX
A vulnerability exists when (and only when) /etc/named.conf has the
fake-iquery option enabled.
!
A patch is available which corrects this behaviour.
***************
*** 117,123 ****
routes, an attacker can spoof a reply packet that will overflow inside
ping. Preliminary investigation makes it look the worst attack
possible is to make ping crash, but one never knows...
!
A patch is available which corrects this behaviour.
--- 117,123 ----
routes, an attacker can spoof a reply packet that will overflow inside
ping. Preliminary investigation makes it look the worst attack
possible is to make ping crash, but one never knows...
!
A patch is available which corrects this behaviour.
***************
*** 129,135 ****
itself. Our fix changes the net.inet.ip.sourceroute
variable semantics to mean that all source routed packets should
be blocked completely.
!
A kernel patch is provided.
--- 129,135 ----
itself. Our fix changes the net.inet.ip.sourceroute
variable semantics to mean that all source routed packets should
be blocked completely.
!
A kernel patch is provided.
***************
*** 145,155 ****
--- 145,155 ----
***************
*** 172,178 ****
safety semantics which securelevels are supposed to provide. If a user
manages to gain kmem group permissions, using this problem they can then
gain root trivially and/or turn securelevels off.
!
A kernel patch is available which corrects this behaviour (this is
revision 3 of this patch).
--- 172,178 ----
safety semantics which securelevels are supposed to provide. If a user
manages to gain kmem group permissions, using this problem they can then
gain root trivially and/or turn securelevels off.
!
A kernel patch is available which corrects this behaviour (this is
revision 3 of this patch).
***************
*** 182,188 ****
whose target name is exactly 33 characters). As a workaround you have to
either provide the source tree read/write, or install a newer version of
/usr/bin/readlink.
!
A replacement source file exists.
--- 182,188 ----
whose target name is exactly 33 characters). As a workaround you have to
either provide the source tree read/write, or install a newer version of
/usr/bin/readlink.
!
A replacement source file exists.
***************
*** 190,202 ****
If a line in /etc/exports which contains hostnames results in an empty
list because none of the supplied hostnames is known, mountd(8) will
accidentally export the filesystem to the world.
!
A patch is available which corrects this behaviour.
RELIABILITY FIX
Setting the MSG_EOR flag on a tcp packet in the send(2) family of
system calls could cause a kernel panic.
!
A patch to return EINVAL in this case is available.
--- 190,202 ----
If a line in /etc/exports which contains hostnames results in an empty
list because none of the supplied hostnames is known, mountd(8) will
accidentally export the filesystem to the world.
!
A patch is available which corrects this behaviour.
RELIABILITY FIX
Setting the MSG_EOR flag on a tcp packet in the send(2) family of
system calls could cause a kernel panic.
!
A patch to return EINVAL in this case is available.
***************
*** 210,228 ****
to lock your machine up using a 4-line program. The problem only affects
Intel P5 processors (the i386, i486, P-Pro, and P-II are not vulnerable,
nor are processors by other manufacturers).
!
A kernel source-code patch is available.
FUNCTIONALITY FIX
Some Linux binaries will execute in SVR4 emulation mode, which is
definitely a problem for people who need Linux emulation to work correctly.
To solve this mis-identification problem,
!
a patch file is provided.
RELIABILITY FIX
APM can crash on machines without it.
!
A kernel source-code patch is available.
INSTALLATION PROCESS FLAW
--- 210,228 ----
to lock your machine up using a 4-line program. The problem only affects
Intel P5 processors (the i386, i486, P-Pro, and P-II are not vulnerable,
nor are processors by other manufacturers).
!
A kernel source-code patch is available.
FUNCTIONALITY FIX
Some Linux binaries will execute in SVR4 emulation mode, which is
definitely a problem for people who need Linux emulation to work correctly.
To solve this mis-identification problem,
!
a patch file is provided.
RELIABILITY FIX
APM can crash on machines without it.
!
A kernel source-code patch is available.
INSTALLATION PROCESS FLAW
***************
*** 242,266 ****
NEW SOFTWARE
Unfortunately, X11 binaries for the mac68k did not manage to make it onto the
CDROM. However, X11 for the mac68k is immediately available from
!
! ftp://ftp.OpenBSD.org/pub/OpenBSD/2.2/mac68k/X11/X11R6.tar.gz. Please
! be sure to read the README file also in that directory for instructions on installing
and setting up X.
INSTALLATION PROCESS FLAW
As shipped on the CDROM, both the
!
generic kernel
and the
!
genericsbc kernel
extract themselves into the wrong place in the filesystem.
Both should extract a kernel named /bsd, but they extract
the kernel into /usr/src/sys/arch/mac68k/compile instead.
This has been fixed on the ftp release of OpenBSD 2.2, and
! fresh kernels are available from
! ftp://ftp.OpenBSD.ORG/pub/OpenBSD/2.2/mac68k/. If at all possible,
installing these kernels is recommended.
A number of possible workarounds exist if you don't have easy access to ftp
--- 242,266 ----
NEW SOFTWARE
Unfortunately, X11 binaries for the mac68k did not manage to make it onto the
CDROM. However, X11 for the mac68k is immediately available from
!
! http://ftp.OpenBSD.org/pub/OpenBSD/2.2/mac68k/X11/X11R6.tar.gz. Please
! be sure to read the README file also in that directory for instructions on installing
and setting up X.
INSTALLATION PROCESS FLAW
As shipped on the CDROM, both the
!
generic kernel
and the
!
genericsbc kernel
extract themselves into the wrong place in the filesystem.
Both should extract a kernel named /bsd, but they extract
the kernel into /usr/src/sys/arch/mac68k/compile instead.
This has been fixed on the ftp release of OpenBSD 2.2, and
! fresh kernels are available from
! http://ftp.OpenBSD.ORG/pub/OpenBSD/2.2/mac68k/. If at all possible,
installing these kernels is recommended.
A number of possible workarounds exist if you don't have easy access to ftp
***************
*** 276,293 ****
RELIABILITY FIX
Older 4/xxx systems (particularly the 4/300's) cannot boot
with the 2.2 kernel due to bugs in the scsi device driver.
!
A kernel source patch is available.
Replacement kernels are available for:
! bsd,
! bsd.scsi3,
and a replacement for bsd.rd is coming soon.
RELIABILITY FIX
SPARCstation 4 and 5 (Microsparc 2) users may see kernel panics when
using a custom kernel configured for option sun4m only.
!
A workaround (kernel source patch) is available. Apply the patch and
then re-build your kernel.
--- 276,293 ----
RELIABILITY FIX
Older 4/xxx systems (particularly the 4/300's) cannot boot
with the 2.2 kernel due to bugs in the scsi device driver.
!
A kernel source patch is available.
Replacement kernels are available for:
! bsd,
! bsd.scsi3,
and a replacement for bsd.rd is coming soon.
RELIABILITY FIX
SPARCstation 4 and 5 (Microsparc 2) users may see kernel panics when
using a custom kernel configured for option sun4m only.
!
A workaround (kernel source patch) is available. Apply the patch and
then re-build your kernel.
***************
*** 297,303 ****
- FUNCTIONALITY FIX
Missing Xamiga manual pages. Get
!
this package and execute, as root:
# pkg_add Xamiga-manual.tgz
The MD5 checksum of this package is:
--- 297,303 ----
- FUNCTIONALITY FIX
Missing Xamiga manual pages. Get
!
this package and execute, as root:
# pkg_add Xamiga-manual.tgz
The MD5 checksum of this package is:
***************
*** 313,329 ****
- FUNCTIONALITY FIX
There is a Year-1998 problem in the time-setting code (which causes the
date and time to be set incorrectly after a reboot in 1998).
!
A source code patch file is available plus replacement installation
kernels for the 2.2 release at
! bsd.NFS,
! bsd,
! bsd.rz0.
- FUNCTIONALITY FIX
X11 support for the 3min and 3maxplus machines was broken
due to a kernel bug.
!
A source code patch is available.
-
--- 313,329 ----
- FUNCTIONALITY FIX
There is a Year-1998 problem in the time-setting code (which causes the
date and time to be set incorrectly after a reboot in 1998).
!
A source code patch file is available plus replacement installation
kernels for the 2.2 release at
! bsd.NFS,
! bsd,
! bsd.rz0.
- FUNCTIONALITY FIX
X11 support for the 3min and 3maxplus machines was broken
due to a kernel bug.
!
A source code patch is available.
-
***************
*** 331,337 ****
A security problem in the shared library linker ld.so
requires that you replace it with a new binary. The following binary
will work on both pmax and arc machines.
!
The replacement binary is here.
--- 331,337 ----
A security problem in the shared library linker ld.so
requires that you replace it with a new binary. The following binary
will work on both pmax and arc machines.
!
The replacement binary is here.
***************
*** 342,348 ****
A security problem in the shared library linker ld.so requires
that you replace it with a new binary. The following binary
will work on both pmax and arc machines.
!
The replacement binary is here.
--- 342,348 ----
A security problem in the shared library linker ld.so requires
that you replace it with a new binary. The following binary
will work on both pmax and arc machines.
!
The replacement binary is here.
***************
*** 405,411 ****
www@openbsd.org
!
$OpenBSD: errata22.html,v 1.58 2010/03/08 21:53:37 deraadt Exp $