! SECURITY FIXAll architectures
A remotely exploitable problem exists in bootpd(8). bootpd is disabled
by default, but some people may actually be using it.
--- 85,91 ----
! SECURITY FIXAll architectures
A remotely exploitable problem exists in bootpd(8). bootpd is disabled
by default, but some people may actually be using it.
***************
*** 96,109 ****
This is the second version of the patch.
! HARDWARE SUPPORTAll architectures
Some ATAPI cdroms which do not support the full mandatory command set,
(e.g. ATAPI_READ_CD_CAPACITY) do not work with the acd(4) driver.
--- 94,107 ----
This is the second version of the patch.
! HARDWARE SUPPORTAll architectures
Some ATAPI cdroms which do not support the full mandatory command set,
(e.g. ATAPI_READ_CD_CAPACITY) do not work with the acd(4) driver.
***************
*** 112,118 ****
available here.
! SECURITY FIXAll architectures
Chpass(1) has a file descriptor leak which allows an
attacker to modify /etc/master.passwd.
--- 110,116 ----
available here.
! SECURITY FIXAll architectures
Chpass(1) has a file descriptor leak which allows an
attacker to modify /etc/master.passwd.
***************
*** 120,126 ****
A source code patch exists which remedies this problem.
! RELIABILITY FIXAll architectures
Calling readv(2) with iov_len < 0 or > INT_MAX would result in a
kernel panic. This is the third revision of this patch.
--- 118,124 ----
A source code patch exists which remedies this problem.
! RELIABILITY FIXAll architectures
Calling readv(2) with iov_len < 0 or > INT_MAX would result in a
kernel panic. This is the third revision of this patch.
***************
*** 128,148 ****
A source code patch exists which remedies this problem.
! SECURITY FIXAll architectures
Inetd had a file descriptor leak. A patch is
available here.
! SECURITY FIXAll architectures
Some non-allocated file descriptors have implied uses according to
system libraries, and hence setuid and setgid processes should not
--- 126,146 ----
A source code patch exists which remedies this problem.
! SECURITY FIXAll architectures
Inetd had a file descriptor leak. A patch is
available here.
! SECURITY FIXAll architectures
Some non-allocated file descriptors have implied uses according to
system libraries, and hence setuid and setgid processes should not
***************
*** 153,159 ****
available here.
! SECURITY FIXAll architectures
A benign looking buffer overflow in the resolver routines was re-introduced
accidentally. The previously fixed behaviour is more correct. A patch
--- 151,157 ----
available here.
! SECURITY FIXAll architectures
A benign looking buffer overflow in the resolver routines was re-introduced
accidentally. The previously fixed behaviour is more correct. A patch
***************
*** 162,168 ****
available here.
! SECURITY FIXAll architectures
Vulnerabilities have been found in the X11, Xt, Xaw and Xmu
libraries. These affect xterm and all other setuid-root programs that
--- 160,166 ----
available here.
! SECURITY FIXAll architectures
Vulnerabilities have been found in the X11, Xt, Xaw and Xmu
libraries. These affect xterm and all other setuid-root programs that
***************
*** 178,184 ****
OpenBSD 2.3 X11 tree, is available now.
! SECURITY FIXAll architectures
The kill(2) system call previously would permit a large set of signals to
be delivered to setuid or setgid processes. If such processes were using
--- 176,182 ----
OpenBSD 2.3 X11 tree, is available now.
! SECURITY FIXAll architectures
The kill(2) system call previously would permit a large set of signals to
be delivered to setuid or setgid processes. If such processes were using
***************
*** 189,195 ****
available.
! SECURITY FIXAll architectures
A possible new security problem exists if you rely on securelevels and
immutable or append-only files or character devices. The fix does not
--- 187,193 ----
available.
! SECURITY FIXAll architectures
A possible new security problem exists if you rely on securelevels and
immutable or append-only files or character devices. The fix does not
***************
*** 200,206 ****
A source code patch exists which remedies this problem.
! SECURITY FIXAll architectures
If IPSEC communication is attempted by starting photurisd(8) (which is
disabled by default), a system crash may be evoked from remote if
--- 198,204 ----
A source code patch exists which remedies this problem.
! SECURITY FIXAll architectures
If IPSEC communication is attempted by starting photurisd(8) (which is
disabled by default), a system crash may be evoked from remote if
***************
*** 209,220 ****
A source code patch exists which remedies this problem.
! SECURITY FIXAll architectures
As stated in CERT advisory VB-98.04, there are buffer
! overrun problems in xterm related to the input-Method,
preeditType, and *Keymap resources. Additional buffer overruns exist in
! the Xaw library related to the inputMethod and
preeditType resources. The xterm(1) problem represents a security
vulnerability for any platform where xterm is installed setuid-root
(as is the case for all OpenBSD platforms). The Xaw problem represents
--- 207,218 ----
A source code patch exists which remedies this problem.
! SECURITY FIXAll architectures
As stated in CERT advisory VB-98.04, there are buffer
! overrun problems in xterm related to the input-Method,
preeditType, and *Keymap resources. Additional buffer overruns exist in
! the Xaw library related to the inputMethod and
preeditType resources. The xterm(1) problem represents a security
vulnerability for any platform where xterm is installed setuid-root
(as is the case for all OpenBSD platforms). The Xaw problem represents
***************
*** 225,232 ****
We provide a version of this patch file specifically for the OpenBSD 2.3 tree.
We also provide tar files which replace the xterm(1) binary and the libXaw
libraries on your system. These are expected to be extracted in
! /usr/X11R6 using the command
! "tar xvfpz Xawfix.tgz".
The files are...
i386,
alpha,
--- 223,230 ----
We provide a version of this patch file specifically for the OpenBSD 2.3 tree.
We also provide tar files which replace the xterm(1) binary and the libXaw
libraries on your system. These are expected to be extracted in
! /usr/X11R6 using the command
! "tar xvfpz Xawfix.tgz".
The files are...
i386,
alpha,
***************
*** 240,252 ****
arc.
! RELIABILITY FIX
The pctr(4) driver has bugs that permit any user to crash the machine,
if the CPU is not an Intel CPU. This problem has been properly fixed
since, but fixes are hard to apply to the 2.2 or 2.3 releases. To avoid
the problem, recompile your kernel without the pctr(4) device driver.
!
CORRUPTED FILE
The CD version of the precompiled ghostscript package is corrupted and
not installable. The correct file can be retrieved by FTP from:
--- 238,250 ----
arc.
! RELIABILITY FIX
The pctr(4) driver has bugs that permit any user to crash the machine,
if the CPU is not an Intel CPU. This problem has been properly fixed
since, but fixes are hard to apply to the 2.2 or 2.3 releases. To avoid
the problem, recompile your kernel without the pctr(4) device driver.
!
CORRUPTED FILE
The CD version of the precompiled ghostscript package is corrupted and
not installable. The correct file can be retrieved by FTP from:
***************
*** 260,266 ****
! RELIABILITY FIX
The pcvt(4) console driver has a bug that can cause some keyboard
controllers to lock up when a key is pressed that toggles the status
of a keyboard LED (scroll lock, caps lock, etc). The problem is
--- 258,264 ----
! RELIABILITY FIX
The pcvt(4) console driver has a bug that can cause some keyboard
controllers to lock up when a key is pressed that toggles the status
of a keyboard LED (scroll lock, caps lock, etc). The problem is
***************
*** 269,275 ****
A source code patch exists which remedies this problem.
MINOR INCOMPATIBILITY
The AmigaOS patch
PoolMem
improves AmigaOS memory handling tremendously, but confuses loadbsd, which
--- 278,284 ----
Other replacements for the 2.3 install tools are
also available.
!
MINOR INCOMPATIBILITY
The AmigaOS patch
PoolMem
improves AmigaOS memory handling tremendously, but confuses loadbsd, which
***************
*** 292,304 ****
right before running loadbsd. The next release of loadbsd will probably be
PoolMem-aware.
!
RELEASE WARNING
The XFree86 binary set shipped on the CD and FTP site are not the
exact final set that we shipped for the other releases. A few minor
! changes, mostly in xdm(1) configuration, were made
after those binaries were made. Patches for this might come out later.
!
X11 RELEASE ERROR
The XFree86 binary set was linked with an older version of the C
library. To work around the problem, do the following as root.
--- 290,302 ----
right before running loadbsd. The next release of loadbsd will probably be
PoolMem-aware.
!
RELEASE WARNING
The XFree86 binary set shipped on the CD and FTP site are not the
exact final set that we shipped for the other releases. A few minor
! changes, mostly in xdm(1) configuration, were made
after those binaries were made. Patches for this might come out later.
!
X11 RELEASE ERROR
The XFree86 binary set was linked with an older version of the C
library. To work around the problem, do the following as root.
X11 RELEASE ERROR
The X11R5 server used in this port does not understand the default
authorization types used by the X11R6 clients, which results in no
clients being able to connect to the server. To fix this
--- 305,311 ----
ln -s libc.so.18.0 libc.so.17
!
X11 RELEASE ERROR
The X11R5 server used in this port does not understand the default
authorization types used by the X11R6 clients, which results in no
clients being able to connect to the server. To fix this
***************
*** 317,323 ****
DisplayManager._0.authName: MIT-MAGIC-COOKIE-1
!
INSTALLATION PROCESS FLAW
The pmax install does not correctly install the boot block.
To work around the problem, after the install program has finished, do
the following (assuming scsi id 0):
--- 315,321 ----
DisplayManager._0.authName: MIT-MAGIC-COOKIE-1
!
INSTALLATION PROCESS FLAW
The pmax install does not correctly install the boot block.
To work around the problem, after the install program has finished, do
the following (assuming scsi id 0):
***************
*** 327,339 ****
disklabel -R -B rz0 /tmp/label
!
RELEASE WARNING
The XFree86 binary set shipped on the CD and FTP site are not the
exact final set that we shipped for the other releases. A few minor
! changes, mostly in xdm(1) configuration, were made
after those binaries were made. Patches for this might come out later.
!
X11 RELEASE ERROR
The XFree86 binary set was linked with an older version of the C
library. To work around the problem, do the following as root.
--- 325,337 ----
disklabel -R -B rz0 /tmp/label
!
RELEASE WARNING
The XFree86 binary set shipped on the CD and FTP site are not the
exact final set that we shipped for the other releases. A few minor
! changes, mostly in xdm(1) configuration, were made
after those binaries were made. Patches for this might come out later.
!
X11 RELEASE ERROR
The XFree86 binary set was linked with an older version of the C
library. To work around the problem, do the following as root.
RELEASE WARNING
When you start the install an upgrade option is advertised but
there really is no such option.
!
RELEASE WARNING
When you start the install an upgrade option is advertised but
there really is no such option.
!
RELEASE WARNING
Unlabeled disks with weird geometries can panic the kernel.
A fix will be made available when 2.3 is out.
!
SECURITY FIX
The powerpc release shipped on the OpenBSD 2.3 CD does not contain
two late fixes applied late in the release cycle. The
rmjob and
--- 340,358 ----
ln -s libc.so.18.0 libc.so.17
!
RELEASE WARNING
When you start the install an upgrade option is advertised but
there really is no such option.
!
RELEASE WARNING
When you start the install an upgrade option is advertised but
there really is no such option.
!
RELEASE WARNING
Unlabeled disks with weird geometries can panic the kernel.
A fix will be made available when 2.3 is out.
!
SECURITY FIX
The powerpc release shipped on the OpenBSD 2.3 CD does not contain
two late fixes applied late in the release cycle. The
rmjob and
***************
*** 365,370 ****
-
-
-
--- 363,365 ----