===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata24.html,v
retrieving revision 1.46
retrieving revision 1.47
diff -c -r1.46 -r1.47
*** www/errata24.html 2010/03/08 21:53:37 1.46
--- www/errata24.html 2010/07/08 19:00:07 1.47
***************
*** 53,59 ****
!
You can also fetch a tar.gz file containing all the following patches.
This file is updated once a day.
--- 53,59 ----
!
You can also fetch a tar.gz file containing all the following patches.
This file is updated once a day.
***************
*** 69,106 ****
RELIABILITY FIX
A local user can crash the system by reading a file larger than 64meg
from an ext2fs partition.
!
A source code patch exists which remedies this problem.
RELIABILITY FIX
A local user can crash the system because of a bug in the vfs layer.
!
A source code patch exists which remedies this problem.
SECURITY FIX
A machine crash is possible when playing with poll(2).
!
A source code patch exists which remedies this problem.
SECURITY FIX
A machine crash is possible when playing with link(2) on FFS.
!
A source code patch exists which remedies this problem. This
is version four of the patch.
SECURITY FIX
A buffer overflow existed in ping(8), which may have a security issue.
!
A source code patch exists which remedies this problem.
SECURITY FIX
A race condition in IP ipq handling could permit a remote crash.
!
A source code patch exists which remedies this problem.
It must be installed after the maxqueue patch.
and the tcp decoding patch.
--- 69,106 ----
RELIABILITY FIX
A local user can crash the system by reading a file larger than 64meg
from an ext2fs partition.
!
A source code patch exists which remedies this problem.
RELIABILITY FIX
A local user can crash the system because of a bug in the vfs layer.
!
A source code patch exists which remedies this problem.
SECURITY FIX
A machine crash is possible when playing with poll(2).
!
A source code patch exists which remedies this problem.
SECURITY FIX
A machine crash is possible when playing with link(2) on FFS.
!
A source code patch exists which remedies this problem. This
is version four of the patch.
SECURITY FIX
A buffer overflow existed in ping(8), which may have a security issue.
!
A source code patch exists which remedies this problem.
SECURITY FIX
A race condition in IP ipq handling could permit a remote crash.
!
A source code patch exists which remedies this problem.
It must be installed after the maxqueue patch.
and the tcp decoding patch.
***************
*** 109,141 ****
SECURITY FIX
A race condition existed between accept(2) and select(2) which could
permit an attacker to hang sockets from remote.
!
A source code patch exists which remedies this problem.
SECURITY FIX
IP fragment assembly can bog the machine excessively and cause problems.
!
A source code patch exists which remedies this problem.
FUNCTIONALITY FIX
The readv(2) and writev(2) system calls would not accept a struct iovec
with an iov_len of 0. This causes a db test in perl to fail.
!
A source code patch exists which remedies this problem.
SECURITY FIX
TCP/IP RST handling was too sloppy.
!
A source code patch exists which remedies this problem.
FUNCTIONALITY FIX
During bootup, kvm_mkdb may exit with the error "kvm_mkdb: cannot allocate
memory".
!
A source code patch exists which remedies this problem.
--- 109,141 ----
SECURITY FIX
A race condition existed between accept(2) and select(2) which could
permit an attacker to hang sockets from remote.
!
A source code patch exists which remedies this problem.
SECURITY FIX
IP fragment assembly can bog the machine excessively and cause problems.
!
A source code patch exists which remedies this problem.
FUNCTIONALITY FIX
The readv(2) and writev(2) system calls would not accept a struct iovec
with an iov_len of 0. This causes a db test in perl to fail.
!
A source code patch exists which remedies this problem.
SECURITY FIX
TCP/IP RST handling was too sloppy.
!
A source code patch exists which remedies this problem.
FUNCTIONALITY FIX
During bootup, kvm_mkdb may exit with the error "kvm_mkdb: cannot allocate
memory".
!
A source code patch exists which remedies this problem.
***************
*** 143,149 ****
A problem with writing to NFS version 3 mounted filesystems from Solaris 7
hosts exists. Attempts to create files will result in an error such as
"Inappropriate file type or format".
!
A source code patch exists which remedies this problem.
--- 143,149 ----
A problem with writing to NFS version 3 mounted filesystems from Solaris 7
hosts exists. Attempts to create files will result in an error such as
"Inappropriate file type or format".
!
A source code patch exists which remedies this problem.
***************
*** 152,204 ****
and powerpc) exists when mounting filesystems larger than 2gig. You
can see evidence of the bug by running df(1) and checking for negative
partition sizes.
!
A source code patch exists which remedies this problem.
SECURITY FIX
A security problem exists in the curses and ocurses libraries that affect
setuid programs linked with -lcurses or -locurses.
!
A source code patch exists which remedies this problem.
Precompiled versions of libcurses and libocurses exist for the
! i386
platform. Unpack it in /usr/lib.
FUNCTIONALITY FIX
A workaround for an xterm problem that causes vi to not
restore the correct cursor position on exit.
!
A source code patch exists which remedies this problem.
Alternately, you can also download a pre-compiled terminfo file to be
installed as /usr/share/misc/terminfo.db. For i386,
alpha and mips, use the
!
little endian version. For sparc, m68k and powerpc, use the
!
big endian version.
FUNCTIONALITY FIX
userdir support was accidentally left out of httpd(8).
!
A source code patch exists which remedies this problem.
SECURITY FIX
A remotely exploitable problem exists in bootpd(8). bootpd is disabled
by default, but some people may actually be using it.
!
A source code patch exists which remedies this problem, this is the
second version of the patch.
SECURITY FIX
A remote machine lockup problem exists in the TCP decoding code.
!
A source code patch exists which remedies this problem.
--- 152,204 ----
and powerpc) exists when mounting filesystems larger than 2gig. You
can see evidence of the bug by running df(1) and checking for negative
partition sizes.
!
A source code patch exists which remedies this problem.
SECURITY FIX
A security problem exists in the curses and ocurses libraries that affect
setuid programs linked with -lcurses or -locurses.
!
A source code patch exists which remedies this problem.
Precompiled versions of libcurses and libocurses exist for the
! i386
platform. Unpack it in /usr/lib.
FUNCTIONALITY FIX
A workaround for an xterm problem that causes vi to not
restore the correct cursor position on exit.
!
A source code patch exists which remedies this problem.
Alternately, you can also download a pre-compiled terminfo file to be
installed as /usr/share/misc/terminfo.db. For i386,
alpha and mips, use the
!
little endian version. For sparc, m68k and powerpc, use the
!
big endian version.
FUNCTIONALITY FIX
userdir support was accidentally left out of httpd(8).
!
A source code patch exists which remedies this problem.
SECURITY FIX
A remotely exploitable problem exists in bootpd(8). bootpd is disabled
by default, but some people may actually be using it.
!
A source code patch exists which remedies this problem, this is the
second version of the patch.
SECURITY FIX
A remote machine lockup problem exists in the TCP decoding code.
!
A source code patch exists which remedies this problem.
***************
*** 209,215 ****
SECURITY FIX
This is another fix for a kernel crash caused by the
crashme program.
!
A source code patch exists which remedies this problem.
--- 209,215 ----
SECURITY FIX
This is another fix for a kernel crash caused by the
crashme program.
!
A source code patch exists which remedies this problem.
***************
*** 221,241 ****
stage. In 2.5, the bootblocks will be modified to use a new location.
Hence, if you wish old kernels to boot on a new bootblock, those
kernels will only work if they were linked with this patch.
!
A source code patch exists which remedies this problem.
SECURITY FIX
i386 trace-trap handling when DDB was configured could cause a system
crash.
!
A source code patch exists which remedies this problem.
FUNCTIONALITY FIX
i386 installboot had a sign extension bug which prevented proper bootblock
initialization when the root filesystem was placed beyond 4GB.
!
A source code patch exists which remedies this problem.
Unfortunately, updated 2.4 install floppies are not available. Just ensure
that your root filesystem is below 4GB, for now.
--- 221,241 ----
stage. In 2.5, the bootblocks will be modified to use a new location.
Hence, if you wish old kernels to boot on a new bootblock, those
kernels will only work if they were linked with this patch.
!
A source code patch exists which remedies this problem.
SECURITY FIX
i386 trace-trap handling when DDB was configured could cause a system
crash.
!
A source code patch exists which remedies this problem.
FUNCTIONALITY FIX
i386 installboot had a sign extension bug which prevented proper bootblock
initialization when the root filesystem was placed beyond 4GB.
!
A source code patch exists which remedies this problem.
Unfortunately, updated 2.4 install floppies are not available. Just ensure
that your root filesystem is below 4GB, for now.
***************
*** 256,269 ****
The sparc hme(4) and be(4) drivers work poorly on some types of SS-20
machines. This is because those machines lie, saying they support 64-bit DMA
bursting. No sun4m machines support that.
!
A source code patch exists which remedies this problem.
DRIVER FIX
The sparc le(4) driver does media changes incorrectly on one type of
sbus le(4) card.
!
A source code patch exists which remedies this problem.
--- 256,269 ----
The sparc hme(4) and be(4) drivers work poorly on some types of SS-20
machines. This is because those machines lie, saying they support 64-bit DMA
bursting. No sun4m machines support that.
!
A source code patch exists which remedies this problem.
DRIVER FIX
The sparc le(4) driver does media changes incorrectly on one type of
sbus le(4) card.
!
A source code patch exists which remedies this problem.
***************
*** 354,360 ****
www@openbsd.org
!
$OpenBSD: errata24.html,v 1.46 2010/03/08 21:53:37 deraadt Exp $