=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/errata22.html,v retrieving revision 1.87 retrieving revision 1.88 diff -c -r1.87 -r1.88 *** www/errata22.html 2016/08/15 02:22:06 1.87 --- www/errata22.html 2016/10/16 19:11:29 1.88 *************** *** 70,76 ****

! You can also fetch a tar.gz file containing all the following patches. This file is updated once a day.

--- 70,76 ----

! You can also fetch a tar.gz file containing all the following patches. This file is updated once a day.

*************** *** 92,98 **** If IPSEC communication is attempted by starting photurisd(8) (which is disabled by default), a system crash may be evoked from remote if an attacker uses some classes of invalid packets. ! A source code patch exists which remedies this problem.

--- 92,98 ---- If IPSEC communication is attempted by starting photurisd(8) (which is disabled by default), a system crash may be evoked from remote if an attacker uses some classes of invalid packets. ! A source code patch exists which remedies this problem.

*************** *** 108,114 **** a security vulnerability for any setuid-root program that uses the Xaw library (including xterm). Patch1 from XFree86 3.3.2 corrects these problems. ! We provide a version of this patch file specifically for the OpenBSD 2.2 tree.

--- 108,114 ---- a security vulnerability for any setuid-root program that uses the Xaw library (including xterm). Patch1 from XFree86 3.3.2 corrects these problems. ! We provide a version of this patch file specifically for the OpenBSD 2.2 tree.

*************** *** 118,124 **** lprm and lpd. The problem is exploitable by users on a particular machine if there is an entry in /etc/printcap which points at a remote printer. ! A patch is available which corrects this behaviour.

--- 118,124 ---- lprm and lpd. The problem is exploitable by users on a particular machine if there is an entry in /etc/printcap which points at a remote printer. ! A patch is available which corrects this behaviour.

*************** *** 126,132 **** All architectures
A DNS-based vulnerability exists when uucpd is used. By default uucpd is not enabled in the OpenBSD releases, but some sites may have enabled it. ! A patch is available which corrects this behaviour.

--- 126,132 ---- All architectures
A DNS-based vulnerability exists when uucpd is used. By default uucpd is not enabled in the OpenBSD releases, but some sites may have enabled it. ! A patch is available which corrects this behaviour.

*************** *** 134,140 **** All architectures
A vulnerability exists when (and only when) /etc/named.conf has the fake-iquery option enabled. ! A patch is available which corrects this behaviour.

--- 134,140 ---- All architectures
A vulnerability exists when (and only when) /etc/named.conf has the fake-iquery option enabled. ! A patch is available which corrects this behaviour.

*************** *** 144,150 **** routes, an attacker can spoof a reply packet that will overflow inside ping. Preliminary investigation makes it look the worst attack possible is to make ping crash, but one never knows... ! A patch is available which corrects this behaviour.

--- 144,150 ---- routes, an attacker can spoof a reply packet that will overflow inside ping. Preliminary investigation makes it look the worst attack possible is to make ping crash, but one never knows... ! A patch is available which corrects this behaviour.

*************** *** 156,162 **** itself. Our fix changes the net.inet.ip.sourceroute variable semantics to mean that all source routed packets should be blocked completely. ! A kernel patch is provided.

--- 156,162 ---- itself. Our fix changes the net.inet.ip.sourceroute variable semantics to mean that all source routed packets should be blocked completely. ! A kernel patch is provided.

*************** *** 173,183 ****

--- 173,183 ----

*************** *** 200,206 **** safety semantics which securelevels are supposed to provide. If a user manages to gain kmem group permissions, using this problem they can then gain root trivially and/or turn securelevels off. ! A kernel patch is available which corrects this behaviour (this is revision 3 of this patch).

--- 200,206 ---- safety semantics which securelevels are supposed to provide. If a user manages to gain kmem group permissions, using this problem they can then gain root trivially and/or turn securelevels off. ! A kernel patch is available which corrects this behaviour (this is revision 3 of this patch).

*************** *** 211,217 **** whose target name is exactly 33 characters). As a workaround you have to either provide the source tree read/write, or install a newer version of /usr/bin/readlink. ! A replacement source file exists.

--- 211,217 ---- whose target name is exactly 33 characters). As a workaround you have to either provide the source tree read/write, or install a newer version of /usr/bin/readlink. ! A replacement source file exists.

*************** *** 220,233 **** If a line in /etc/exports which contains hostnames results in an empty list because none of the supplied hostnames is known, mountd(8) will accidentally export the filesystem to the world. ! A patch is available which corrects this behaviour.

RELIABILITY FIX All architectures
Setting the MSG_EOR flag on a tcp packet in the send(2) family of system calls could cause a kernel panic. ! A patch to return EINVAL in this case is available.

--- 220,233 ---- If a line in /etc/exports which contains hostnames results in an empty list because none of the supplied hostnames is known, mountd(8) will accidentally export the filesystem to the world. ! A patch is available which corrects this behaviour.

*************** *** 237,255 **** to lock your machine up using a 4-line program. The problem only affects Intel P5 processors (the i386, i486, P-Pro, and P-II are not vulnerable, nor are processors by other manufacturers). ! A kernel source-code patch is available.

FUNCTIONALITY FIX
Some Linux binaries will execute in SVR4 emulation mode, which is definitely a problem for people who need Linux emulation to work correctly. To solve this mis-identification problem, ! a patch file is provided.

RELIABILITY FIX
APM can crash on machines without it. ! A kernel source-code patch is available.

INSTALLATION PROCESS FLAW
--- 237,255 ---- to lock your machine up using a 4-line program. The problem only affects Intel P5 processors (the i386, i486, P-Pro, and P-II are not vulnerable, nor are processors by other manufacturers). ! A kernel source-code patch is available.

RELIABILITY FIX
APM can crash on machines without it. ! A kernel source-code patch is available.

INSTALLATION PROCESS FLAW
*************** *** 265,288 ****

NEW SOFTWARE
Unfortunately, X11 binaries for the mac68k did not manage to make it onto the CDROM. However, X11 for the mac68k is immediately available from ! ! http://ftp.OpenBSD.org/pub/OpenBSD/2.2/mac68k/X11/X11R6.tar.gz. Please ! be sure to read the README file also in that directory for instructions on installing and setting up X.

INSTALLATION PROCESS FLAW
As shipped on the CDROM, both the ! generic kernel and the ! genericsbc kernel extract themselves into the wrong place in the filesystem. Both should extract a kernel named /bsd, but they extract the kernel into /usr/src/sys/arch/mac68k/compile instead.

This has been fixed on the ftp release of OpenBSD 2.2, and ! fresh kernels are available from http://ftp.OpenBSD.ORG/pub/OpenBSD/2.2/mac68k/. If at all possible, installing these kernels is recommended.

--- 265,288 ----

NEW SOFTWARE
Unfortunately, X11 binaries for the mac68k did not manage to make it onto the CDROM. However, X11 for the mac68k is immediately available from ! ! https://ftp.OpenBSD.org/pub/OpenBSD/2.2/mac68k/X11/X11R6.tar.gz. Please ! be sure to read the README file also in that directory for instructions on installing and setting up X.

*************** *** 295,318 ****

RELIABILITY FIX
Older 4/xxx systems (particularly the 4/300's) cannot boot with the 2.2 kernel due to bugs in the scsi device driver. ! A kernel source patch is available. Replacement kernels are available for: ! bsd, ! bsd.scsi3, and a replacement for bsd.rd is coming soon.

RELIABILITY FIX
SPARCstation 4 and 5 (Microsparc 2) users may see kernel panics when using a custom kernel configured for option sun4m only. ! A workaround (kernel source patch) is available. Apply the patch and then re-build your kernel.

FUNCTIONALITY FIX
Missing Xamiga manual pages. Get ! this package and execute, as root:
# pkg_add Xamiga-manual.tgz
The MD5 checksum of this package is:
--- 295,318 ----

FUNCTIONALITY FIX
Missing Xamiga manual pages. Get ! this package and execute, as root:
# pkg_add Xamiga-manual.tgz
The MD5 checksum of this package is:
*************** *** 325,341 ****

FUNCTIONALITY FIX
There is a Year-1998 problem in the time-setting code (which causes the date and time to be set incorrectly after a reboot in 1998). ! A source code patch file is available plus replacement installation kernels for the 2.2 release at ! bsd.NFS, ! bsd, ! bsd.rz0.

FUNCTIONALITY FIX
X11 support for the 3min and 3maxplus machines was broken due to a kernel bug. ! A source code patch is available.

--- 325,341 ----

FUNCTIONALITY FIX
X11 support for the 3min and 3maxplus machines was broken due to a kernel bug. ! A source code patch is available.

*************** *** 343,356 **** A security problem in the shared library linker ld.so requires that you replace it with a new binary. The following binary will work on both pmax and arc machines. ! The replacement binary is here.

SECURITY FIX
A security problem in the shared library linker ld.so requires that you replace it with a new binary. The following binary will work on both pmax and arc machines. ! The replacement binary is here.

MISSING FUNCTIONALITY
--- 343,356 ---- A security problem in the shared library linker ld.so requires that you replace it with a new binary. The following binary will work on both pmax and arc machines. ! The replacement binary is here.

MISSING FUNCTIONALITY