version 1.57, 2013/10/26 15:21:13 |
version 1.58, 2014/02/27 17:26:45 |
|
|
<a href="errata51.html">5.1</a>, |
<a href="errata51.html">5.1</a>, |
<a href="errata52.html">5.2</a>, |
<a href="errata52.html">5.2</a>, |
<a href="errata53.html">5.3</a>, |
<a href="errata53.html">5.3</a>, |
<a href="errata54.html">5.4</a>. |
<a href="errata54.html">5.4</a>, |
|
<a href="errata55.html">5.5</a>. |
<br> |
<br> |
<hr> |
<hr> |
|
|
|
|
A remotely exploitable problem exists in bootpd(8). bootpd is disabled |
A remotely exploitable problem exists in bootpd(8). bootpd is disabled |
by default, but some people may actually be using it. |
by default, but some people may actually be using it. |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/2.3/common/bootpd.patch"> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/2.3/common/bootpd.patch"> |
A source code patch exists which remedies this problem</a>, this is the |
A source code patch exists which remedies this problem</a>, this is the |
second version of the patch. |
second version of the patch. |
<p> |
<p> |
<li><a name="tcpfix"></a> |
<li><a name="tcpfix"></a> |
|
|
system libraries, and hence setuid and setgid processes should not |
system libraries, and hence setuid and setgid processes should not |
be executed with these descriptors unallocated. A patch which forces |
be executed with these descriptors unallocated. A patch which forces |
setuid and setgid processes to have some descriptors in fd slots |
setuid and setgid processes to have some descriptors in fd slots |
0, 1, and 2 is |
0, 1, and 2 is |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/2.3/common/fdalloc.patch"> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/2.3/common/fdalloc.patch"> |
available here.</a> |
available here.</a> |
<p> |
<p> |
|
|
<h3><font color="#e00000">amiga</font></h3> |
<h3><font color="#e00000">amiga</font></h3> |
<ul> |
<ul> |
<li><font color="#009000"><strong>MINOR INCOMPATIBILITY</strong></font><br> |
<li><font color="#009000"><strong>MINOR INCOMPATIBILITY</strong></font><br> |
The AmigaOS patch |
The AmigaOS patch |
<a href="http://us.aminet.net/pub/aminet/util/sys/PoolMem.lha">PoolMem</a> |
<a href="http://us.aminet.net/pub/aminet/util/sys/PoolMem.lha">PoolMem</a> |
improves AmigaOS memory handling tremendously, but confuses loadbsd, which |
improves AmigaOS memory handling tremendously, but confuses loadbsd, which |
grabs less memory from the system than is available. To work around the |
grabs less memory from the system than is available. To work around the |
|
|
<li><font color="#009000"><strong>SECURITY FIX</strong></font><br> |
<li><font color="#009000"><strong>SECURITY FIX</strong></font><br> |
The powerpc release shipped on the OpenBSD 2.3 CD does not contain |
The powerpc release shipped on the OpenBSD 2.3 CD does not contain |
two late fixes applied late in the release cycle. The |
two late fixes applied late in the release cycle. The |
<a href="errata22.html#rmjob">rmjob</a> and |
<a href="errata22.html#rmjob">rmjob</a> and |
<a href="errata22.html#uucpd">uucpd</a> patches should be applied to |
<a href="errata22.html#uucpd">uucpd</a> patches should be applied to |
the system if those subsystems are used. |
the system if those subsystems are used. |
<p> |
<p> |
|
|
<br> |
<br> |
|
|
<hr> |
<hr> |
<a href=index.html><img height=24 width=24 src=back.gif border=0 alt=OpenBSD></a> |
<a href=index.html><img height=24 width=24 src=back.gif border=0 alt=OpenBSD></a> |
<a href="mailto:www@openbsd.org">www@openbsd.org</a> |
<a href="mailto:www@openbsd.org">www@openbsd.org</a> |
<br><small>$OpenBSD$</small> |
<br><small>$OpenBSD$</small> |
|
|