version 1.30, 2003/10/24 22:12:40 |
version 1.31, 2003/11/21 16:55:15 |
|
|
<meta name="keywords" content="openbsd,cd,errata"> |
<meta name="keywords" content="openbsd,cd,errata"> |
<meta name="distribution" content="global"> |
<meta name="distribution" content="global"> |
<meta name="copyright" content="This document copyright 1997-2001 by OpenBSD."> |
<meta name="copyright" content="This document copyright 1997-2001 by OpenBSD."> |
|
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> |
</head> |
</head> |
|
|
<BODY BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#23238E"> |
<BODY BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#23238E"> |
|
|
|
|
<hr> |
<hr> |
|
|
<dl> |
<a name="all"></a> |
<a name=all></a> |
<h3><font color="#e00000">All architectures</font></h3> |
<li><h3><font color="#e00000">All architectures</font></h3> |
|
<ul> |
<ul> |
<a name=bootpd></a> |
<li><a name="bootpd"></a> |
<li><font color="#009000"><strong>SECURITY FIX</strong></font><br> |
<font color="#009000"><strong>SECURITY FIX</strong></font><br> |
A remotely exploitable problem exists in bootpd(8). bootpd is disabled |
A remotely exploitable problem exists in bootpd(8). bootpd is disabled |
by default, but some people may actually be using it. |
by default, but some people may actually be using it. |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.3/common/bootpd.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.3/common/bootpd.patch"> |
A source code patch exists which remedies this problem</a>, this is the |
A source code patch exists which remedies this problem</a>, this is the |
second version of the patch. |
second version of the patch. |
<p> |
<p> |
<a name=tcpfix></a> |
<li><a name="tcpfix"></a> |
<li><font color="#009000"><strong>SECURITY FIX</strong></font><br> |
<font color="#009000"><strong>SECURITY FIX</strong></font><br> |
A remote machine lockup problem exists in the TCP decoding code. |
A remote machine lockup problem exists in the TCP decoding code. |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.3/common/tcpfix.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.3/common/tcpfix.patch"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
<a name=atapi></a> |
<li><a name="atapi"></a> |
<li><font color="#009000"><strong>HARDWARE SUPPORT</strong></font><br> |
<font color="#009000"><strong>HARDWARE SUPPORT</strong></font><br> |
Some ATAPI cdroms which do not support the full mandatory command set, |
Some ATAPI cdroms which do not support the full mandatory command set, |
(e.g. ATAPI_READ_CD_CAPACITY) do not work with the acd(4) driver. |
(e.g. ATAPI_READ_CD_CAPACITY) do not work with the acd(4) driver. |
A patch is |
A patch is |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.3/common/acd.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.3/common/acd.patch"> |
available here.</a> |
available here.</a> |
<p> |
<p> |
<a name=chpass></a> |
<li><a name="chpass"></a> |
<li><font color="#009000"><strong>SECURITY FIX</strong></font><br> |
<font color="#009000"><strong>SECURITY FIX</strong></font><br> |
Chpass(1) has a file descriptor leak which allows an |
Chpass(1) has a file descriptor leak which allows an |
attacker to modify /etc/master.passwd. |
attacker to modify /etc/master.passwd. |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.3/common/chpass.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.3/common/chpass.patch"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
<a name=resid></a> |
<li><a name="resid"></a> |
<li><font color="#009000"><strong>RELIABILITY FIX</strong></font><br> |
<font color="#009000"><strong>RELIABILITY FIX</strong></font><br> |
Calling readv(2) with iov_len < 0 or > INT_MAX would result in a |
Calling readv(2) with iov_len < 0 or > INT_MAX would result in a |
kernel panic. This is the third revision of this patch. |
kernel panic. This is the third revision of this patch. |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.3/common/resid.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.3/common/resid.patch"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
<a name=inetd></a> |
<li><a name="inetd"></a> |
<li><font color="#009000"><strong>SECURITY FIX</strong></font><br> |
<font color="#009000"><strong>SECURITY FIX</strong></font><br> |
Inetd had a file descriptor leak. A patch is |
Inetd had a file descriptor leak. A patch is |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.3/common/inetd.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.3/common/inetd.patch"> |
available here.</a> |
available here.</a> |
<p> |
<p> |
<a name=unionfs></a> |
<li><a name="unionfs"></a> |
<li><font color="#009000"><strong>BUG FIX</strong></font><br> |
<font color="#009000"><strong>BUG FIX</strong></font><br> |
As shipped, unionfs had some serious problems. |
As shipped, unionfs had some serious problems. |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.3/common/unionfs.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.3/common/unionfs.patch"> |
A patch is available to solve this</a>. |
A patch is available to solve this</a>. |
<p> |
<p> |
<a name=fdalloc></a> |
<li><a name="fdalloc"></a> |
<li><font color="#009000"><strong>SECURITY FIX</strong></font><br> |
<font color="#009000"><strong>SECURITY FIX</strong></font><br> |
Some non-allocated file descriptors have implied uses according to |
Some non-allocated file descriptors have implied uses according to |
system libraries, and hence setuid and setgid processes should not |
system libraries, and hence setuid and setgid processes should not |
be executed with these descriptors unallocated. A patch which forces |
be executed with these descriptors unallocated. A patch which forces |
|
|
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.3/common/fdalloc.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.3/common/fdalloc.patch"> |
available here.</a> |
available here.</a> |
<p> |
<p> |
<a name=resolver></a> |
<li><a name="resolver"></a> |
<li><font color="#009000"><strong>SECURITY FIX</strong></font><br> |
<font color="#009000"><strong>SECURITY FIX</strong></font><br> |
A benign looking buffer overflow in the resolver routines was re-introduced |
A benign looking buffer overflow in the resolver routines was re-introduced |
accidentally. The previously fixed behaviour is more correct. A patch |
accidentally. The previously fixed behaviour is more correct. A patch |
to fix this is |
to fix this is |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.3/common/resolver.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.3/common/resolver.patch"> |
available here.</a> |
available here.</a> |
<p> |
<p> |
<a name=xlib></a> |
<li><a name="xlib"></a> |
<li><font color="#009000"><strong>SECURITY FIX</strong></font><br> |
<font color="#009000"><strong>SECURITY FIX</strong></font><br> |
Vulnerabilities have been found in the X11, Xt, Xaw and Xmu |
Vulnerabilities have been found in the X11, Xt, Xaw and Xmu |
libraries. These affect xterm and all other setuid-root programs that |
libraries. These affect xterm and all other setuid-root programs that |
use these libraries. The problems are associated with buffer overflows |
use these libraries. The problems are associated with buffer overflows |
|
|
The 2nd source patch</a> for these problems, specifically adapted to the |
The 2nd source patch</a> for these problems, specifically adapted to the |
OpenBSD 2.3 X11 tree, is available now. |
OpenBSD 2.3 X11 tree, is available now. |
<p> |
<p> |
<a name=kill></a> |
<li><a name="kill"></a> |
<li><font color="#009000"><strong>SECURITY FIX</strong></font><br> |
<font color="#009000"><strong>SECURITY FIX</strong></font><br> |
The kill(2) system call previously would permit a large set of signals to |
The kill(2) system call previously would permit a large set of signals to |
be delivered to setuid or setgid processes. If such processes were using |
be delivered to setuid or setgid processes. If such processes were using |
those signals in dubious ways, this could have resulted in security |
those signals in dubious ways, this could have resulted in security |
|
|
The fourth revision of a source code patch which solves the problem is |
The fourth revision of a source code patch which solves the problem is |
available.</a> |
available.</a> |
<p> |
<p> |
<a name=immutable></a> |
<li><a name="immutable"></a> |
<li><font color="#009000"><strong>SECURITY FIX</strong></font><br> |
<font color="#009000"><strong>SECURITY FIX</strong></font><br> |
A possible new security problem exists if you rely on securelevels and |
A possible new security problem exists if you rely on securelevels and |
immutable or append-only files or character devices. The fix does not |
immutable or append-only files or character devices. The fix does not |
permit mmap'ing of immutable or append-only files which are otherwise |
permit mmap'ing of immutable or append-only files which are otherwise |
|
|
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.3/common/immutable.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.3/common/immutable.patch"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
<a name=ipsec></a> |
<li><a name="ipsec"></a> |
<li><font color="#009000"><strong>SECURITY FIX</strong></font><br> |
<font color="#009000"><strong>SECURITY FIX</strong></font><br> |
If IPSEC communication is attempted by starting photurisd(8) (which is |
If IPSEC communication is attempted by starting photurisd(8) (which is |
disabled by default), a system crash may be evoked from remote if |
disabled by default), a system crash may be evoked from remote if |
an attacker uses some classes of invalid packets. |
an attacker uses some classes of invalid packets. |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.3/common/ipsec.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.3/common/ipsec.patch"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
<a name=xterm-xaw></a> |
<a name="xterm-xaw"></a> |
<li><font color="#009000"><strong>SECURITY FIX</strong></font><br> |
<li><font color="#009000"><strong>SECURITY FIX</strong></font><br> |
As stated in CERT advisory VB-98.04, there are buffer |
As stated in CERT advisory VB-98.04, there are buffer |
overrun problems in <strong>xterm</strong> related to the input-Method, |
overrun problems in <strong>xterm</strong> related to the input-Method, |
|
|
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.3/arc/Xawfix.tgz">arc</a>. |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.3/arc/Xawfix.tgz">arc</a>. |
<p> |
<p> |
</ul> |
</ul> |
<a name=i386></a> |
<a name="i386"></a> |
<li><h3><font color="#e00000">i386</font></h3> |
<h3><font color="#e00000">i386</font></h3> |
<ul> |
<ul> |
<a name=pctr></a> |
<li><a name="pctr"></a> |
<li><font color="#009000"><strong>RELIABILITY FIX</strong></font><br> |
<font color="#009000"><strong>RELIABILITY FIX</strong></font><br> |
The pctr(4) driver has bugs that permit any user to crash the machine, |
The pctr(4) driver has bugs that permit any user to crash the machine, |
if the CPU is not an Intel CPU. This problem has been properly fixed |
if the CPU is not an Intel CPU. This problem has been properly fixed |
since, but fixes are hard to apply to the 2.2 or 2.3 releases. To avoid |
since, but fixes are hard to apply to the 2.2 or 2.3 releases. To avoid |
|
|
<li>SHA1 (ghostscript-5.10.tgz) = bd9374fa547ac0078d5207463d3b0a19d80d213c |
<li>SHA1 (ghostscript-5.10.tgz) = bd9374fa547ac0078d5207463d3b0a19d80d213c |
</ul> |
</ul> |
<p> |
<p> |
<a name=pcvt></a> |
<a name="pcvt"></a> |
<li><font color="#009000"><strong>RELIABILITY FIX</strong></font><br> |
<li><font color="#009000"><strong>RELIABILITY FIX</strong></font><br> |
The pcvt(4) console driver has a bug that can cause some keyboard |
The pcvt(4) console driver has a bug that can cause some keyboard |
controllers to lock up when a key is pressed that toggles the status |
controllers to lock up when a key is pressed that toggles the status |
|
|
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
</ul> |
</ul> |
<a name=mac68k></a> |
<a name="mac68k"></a> |
<li><h3><font color="#e00000">mac68k</font></h3> |
<h3><font color="#e00000">mac68k</font></h3> |
<ul> |
<ul> |
<li>No problems identified yet. |
<li>No problems identified yet. |
<p> |
<p> |
</ul> |
</ul> |
<a name=sparc></a> |
<a name="sparc"></a> |
<li><h3><font color="#e00000">sparc</font></h3> |
<h3><font color="#e00000">sparc</font></h3> |
<ul> |
<ul> |
<li><font color="#009000"><strong>RELIABILITY FIX</strong></font><br> |
<li><font color="#009000"><strong>RELIABILITY FIX</strong></font><br> |
The 2.3 release does not run reliably on the sun4m LX/LC machines |
The 2.3 release does not run reliably on the sun4m LX/LC machines |
|
|
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.3/sparc">also available</a>. |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.3/sparc">also available</a>. |
<p> |
<p> |
</ul> |
</ul> |
<a name=amiga></a> |
<a name="amiga"></a> |
<li><h3><font color="#e00000">amiga</font></h3> |
<h3><font color="#e00000">amiga</font></h3> |
<ul> |
<ul> |
<li><font color="#009000"><strong>MINOR INCOMPATIBILITY</strong></font><br> |
<li><font color="#009000"><strong>MINOR INCOMPATIBILITY</strong></font><br> |
The AmigaOS patch |
The AmigaOS patch |
|
|
PoolMem-aware. |
PoolMem-aware. |
<p> |
<p> |
</ul> |
</ul> |
<a name=pmax></a> |
<a name="pmax"></a> |
<li><h3><font color="#e00000">pmax</font></h3> |
<h3><font color="#e00000">pmax</font></h3> |
<ul> |
<ul> |
<li><font color="#009000"><strong>RELEASE WARNING</strong></font><br> |
<li><font color="#009000"><strong>RELEASE WARNING</strong></font><br> |
The XFree86 binary set shipped on the CD and FTP site are not the |
The XFree86 binary set shipped on the CD and FTP site are not the |
|
|
The XFree86 binary set was linked with an older version of the C |
The XFree86 binary set was linked with an older version of the C |
library. To work around the problem, do the following as root. |
library. To work around the problem, do the following as root. |
<p> |
<p> |
<ul> |
<pre> |
cd /usr/lib/ |
cd /usr/lib/ |
<br> |
ln -s libc.so.18.0 libc.so.17 |
ln -s libc.so.18.0 libc.so.17 |
</pre> |
</ul> |
|
<p> |
<p> |
<li><font color="#009000"><strong>X11 RELEASE ERROR</strong></font><br> |
<li><font color="#009000"><strong>X11 RELEASE ERROR</strong></font><br> |
The X11R5 server used in this port does not understand the default |
The X11R5 server used in this port does not understand the default |
|
|
clients being able to connect to the server. To fix this |
clients being able to connect to the server. To fix this |
problem add the line below to /usr/X11R6/lib/X11/xdm/xdm-config. |
problem add the line below to /usr/X11R6/lib/X11/xdm/xdm-config. |
<p> |
<p> |
<ul> |
<pre> |
DisplayManager._0.authName: MIT-MAGIC-COOKIE-1 |
DisplayManager._0.authName: MIT-MAGIC-COOKIE-1 |
</ul> |
</pre> |
<p> |
<p> |
<li><font color="#009000"><strong>INSTALLATION PROCESS FLAW</strong></font><br> |
<li><font color="#009000"><strong>INSTALLATION PROCESS FLAW</strong></font><br> |
The pmax install does not correctly install the boot block. |
The pmax install does not correctly install the boot block. |
To work around the problem, after the install program has finished, do |
To work around the problem, after the install program has finished, do |
the following (assuming scsi id 0): |
the following (assuming scsi id 0): |
<p> |
<p> |
<ul> |
<pre> |
disklabel rz0 > /tmp/label |
disklabel rz0 > /tmp/label |
<br> |
disklabel -R -B rz0 /tmp/label |
disklabel -R -B rz0 /tmp/label |
</pre> |
</ul> |
|
<p> |
<p> |
</ul> |
</ul> |
<a name=arc></a> |
<a name="arc"></a> |
<li><h3><font color="#e00000">arc</font></h3> |
<h3><font color="#e00000">arc</font></h3> |
<ul> |
<ul> |
<li><font color="#009000"><strong>RELEASE WARNING</strong></font><br> |
<li><font color="#009000"><strong>RELEASE WARNING</strong></font><br> |
The XFree86 binary set shipped on the CD and FTP site are not the |
The XFree86 binary set shipped on the CD and FTP site are not the |
|
|
The XFree86 binary set was linked with an older version of the C |
The XFree86 binary set was linked with an older version of the C |
library. To work around the problem, do the following as root. |
library. To work around the problem, do the following as root. |
<p> |
<p> |
<ul> |
<pre> |
cd /usr/lib/ |
cd /usr/lib/ |
<br> |
ln -s libc.so.18.0 libc.so.17 |
ln -s libc.so.18.0 libc.so.17 |
</pre> |
</ul> |
|
<p> |
<p> |
</ul> |
</ul> |
<a name=alpha></a> |
<a name="alpha"></a> |
<li><h3><font color="#e00000">alpha</font></h3> |
<h3><font color="#e00000">alpha</font></h3> |
<ul> |
<ul> |
<li><font color="#009000"><strong>RELEASE WARNING</strong></font><br> |
<li><font color="#009000"><strong>RELEASE WARNING</strong></font><br> |
When you start the install an upgrade option is advertised but |
When you start the install an upgrade option is advertised but |
there really is no such option. |
there really is no such option. |
<p> |
<p> |
</ul> |
</ul> |
<a name=hp300></a> |
<a name="hp300"></a> |
<li><h3><font color="#e00000">hp300</font></h3> |
<h3><font color="#e00000">hp300</font></h3> |
<ul> |
<ul> |
<li><font color="#009000"><strong>RELEASE WARNING</strong></font><br> |
<li><font color="#009000"><strong>RELEASE WARNING</strong></font><br> |
When you start the install an upgrade option is advertised but |
When you start the install an upgrade option is advertised but |
|
|
A fix will be made available when 2.3 is out. |
A fix will be made available when 2.3 is out. |
<p> |
<p> |
</ul> |
</ul> |
<a name=mvme68k></a> |
<a name="mvme68k"></a> |
<li><h3><font color="#e00000">mvme68k</font></h3> |
<h3><font color="#e00000">mvme68k</font></h3> |
<ul> |
<ul> |
<li>No problems identified yet. |
<li>No problems identified yet. |
<p> |
<p> |
</ul> |
</ul> |
<a name=powerpc></a> |
<a name="powerpc"></a> |
<li><h3><font color="#e00000">powerpc</font></h3> |
<h3><font color="#e00000">powerpc</font></h3> |
<ul> |
<ul> |
<li><font color="#009000"><strong>SECURITY FIX</strong></font><br> |
<li><font color="#009000"><strong>SECURITY FIX</strong></font><br> |
The powerpc release shipped on the OpenBSD 2.3 CD does not contain |
The powerpc release shipped on the OpenBSD 2.3 CD does not contain |
|
|
<p> |
<p> |
</ul> |
</ul> |
|
|
</dl> |
|
<br> |
<br> |
|
|
<hr> |
<hr> |