| version 1.57, 2013/10/26 15:21:13 |
version 1.58, 2014/02/27 17:26:45 |
|
|
| <a href="errata51.html">5.1</a>, |
<a href="errata51.html">5.1</a>, |
| <a href="errata52.html">5.2</a>, |
<a href="errata52.html">5.2</a>, |
| <a href="errata53.html">5.3</a>, |
<a href="errata53.html">5.3</a>, |
| <a href="errata54.html">5.4</a>. |
<a href="errata54.html">5.4</a>, |
| |
<a href="errata55.html">5.5</a>. |
| <br> |
<br> |
| <hr> |
<hr> |
| |
|
|
|
| A remotely exploitable problem exists in bootpd(8). bootpd is disabled |
A remotely exploitable problem exists in bootpd(8). bootpd is disabled |
| by default, but some people may actually be using it. |
by default, but some people may actually be using it. |
| <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/2.3/common/bootpd.patch"> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/2.3/common/bootpd.patch"> |
| A source code patch exists which remedies this problem</a>, this is the |
A source code patch exists which remedies this problem</a>, this is the |
| second version of the patch. |
second version of the patch. |
| <p> |
<p> |
| <li><a name="tcpfix"></a> |
<li><a name="tcpfix"></a> |
|
|
| system libraries, and hence setuid and setgid processes should not |
system libraries, and hence setuid and setgid processes should not |
| be executed with these descriptors unallocated. A patch which forces |
be executed with these descriptors unallocated. A patch which forces |
| setuid and setgid processes to have some descriptors in fd slots |
setuid and setgid processes to have some descriptors in fd slots |
| 0, 1, and 2 is |
0, 1, and 2 is |
| <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/2.3/common/fdalloc.patch"> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/2.3/common/fdalloc.patch"> |
| available here.</a> |
available here.</a> |
| <p> |
<p> |
|
|
| <h3><font color="#e00000">amiga</font></h3> |
<h3><font color="#e00000">amiga</font></h3> |
| <ul> |
<ul> |
| <li><font color="#009000"><strong>MINOR INCOMPATIBILITY</strong></font><br> |
<li><font color="#009000"><strong>MINOR INCOMPATIBILITY</strong></font><br> |
| The AmigaOS patch |
The AmigaOS patch |
| <a href="http://us.aminet.net/pub/aminet/util/sys/PoolMem.lha">PoolMem</a> |
<a href="http://us.aminet.net/pub/aminet/util/sys/PoolMem.lha">PoolMem</a> |
| improves AmigaOS memory handling tremendously, but confuses loadbsd, which |
improves AmigaOS memory handling tremendously, but confuses loadbsd, which |
| grabs less memory from the system than is available. To work around the |
grabs less memory from the system than is available. To work around the |
|
|
| <li><font color="#009000"><strong>SECURITY FIX</strong></font><br> |
<li><font color="#009000"><strong>SECURITY FIX</strong></font><br> |
| The powerpc release shipped on the OpenBSD 2.3 CD does not contain |
The powerpc release shipped on the OpenBSD 2.3 CD does not contain |
| two late fixes applied late in the release cycle. The |
two late fixes applied late in the release cycle. The |
| <a href="errata22.html#rmjob">rmjob</a> and |
<a href="errata22.html#rmjob">rmjob</a> and |
| <a href="errata22.html#uucpd">uucpd</a> patches should be applied to |
<a href="errata22.html#uucpd">uucpd</a> patches should be applied to |
| the system if those subsystems are used. |
the system if those subsystems are used. |
| <p> |
<p> |
|
|
| <br> |
<br> |
| |
|
| <hr> |
<hr> |
| <a href=index.html><img height=24 width=24 src=back.gif border=0 alt=OpenBSD></a> |
<a href=index.html><img height=24 width=24 src=back.gif border=0 alt=OpenBSD></a> |
| <a href="mailto:www@openbsd.org">www@openbsd.org</a> |
<a href="mailto:www@openbsd.org">www@openbsd.org</a> |
| <br><small>$OpenBSD$</small> |
<br><small>$OpenBSD$</small> |
| |
|
![[BACK]](/icons/back.gif){kind=icon}
Return to errata23.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www