version 1.26, 2003/10/24 22:12:40 |
version 1.27, 2003/11/21 16:55:16 |
|
|
<meta name="keywords" content="openbsd,cd,errata"> |
<meta name="keywords" content="openbsd,cd,errata"> |
<meta name="distribution" content="global"> |
<meta name="distribution" content="global"> |
<meta name="copyright" content="This document copyright 1997-2001 by OpenBSD."> |
<meta name="copyright" content="This document copyright 1997-2001 by OpenBSD."> |
|
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> |
</head> |
</head> |
|
|
<BODY BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#23238E"> |
<BODY BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#23238E"> |
|
|
consult the <a href="./faq/faq10.html#10.14">OpenBSD FAQ</a>. |
consult the <a href="./faq/faq10.html#10.14">OpenBSD FAQ</a>. |
|
|
<hr> |
<hr> |
|
<a name="all"></a> |
|
<h3><font color="#e00000">All architectures</font></h3> |
<ul> |
<ul> |
<dl> |
<li><a name="bmap"></a> |
<a name=all></a> |
<font color="#009000"><strong>RELIABILITY FIX</strong></font><br> |
<li><h3><font color="#e00000">All architectures</font></h3> |
|
<ul> |
|
<a name=bmap></a> |
|
<li><font color="#009000"><strong>RELIABILITY FIX</strong></font><br> |
|
A local user can crash the system by reading a file larger than 64meg |
A local user can crash the system by reading a file larger than 64meg |
from an ext2fs partition. |
from an ext2fs partition. |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.4/common/bmap.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.4/common/bmap.patch"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
<a name=lnpanic></a> |
<li><a name="lnpanic"></a> |
<li><font color="#009000"><strong>RELIABILITY FIX</strong></font><br> |
<font color="#009000"><strong>RELIABILITY FIX</strong></font><br> |
A local user can crash the system because of a bug in the vfs layer. |
A local user can crash the system because of a bug in the vfs layer. |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.4/common/lnpanic.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.4/common/lnpanic.patch"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
<a name=poll></a> |
<li><a name="poll"></a> |
<li><font color="#009000"><strong>SECURITY FIX</strong></font><br> |
<font color="#009000"><strong>SECURITY FIX</strong></font><br> |
A machine crash is possible when playing with poll(2). |
A machine crash is possible when playing with poll(2). |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.4/common/poll.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.4/common/poll.patch"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
<a name=nlink></a> |
<li><a name="nlink"></a> |
<li><font color="#009000"><strong>SECURITY FIX</strong></font><br> |
<font color="#009000"><strong>SECURITY FIX</strong></font><br> |
A machine crash is possible when playing with link(2) on FFS. |
A machine crash is possible when playing with link(2) on FFS. |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.4/common/nlink.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.4/common/nlink.patch"> |
A source code patch exists which remedies this problem. This |
A source code patch exists which remedies this problem. This |
is version four of the patch.</a> |
is version four of the patch.</a> |
<p> |
<p> |
<a name=ping></a> |
<li><a name="ping"></a> |
<li><font color="#009000"><strong>SECURITY FIX</strong></font><br> |
<font color="#009000"><strong>SECURITY FIX</strong></font><br> |
A buffer overflow existed in ping(8), which may have a security issue. |
A buffer overflow existed in ping(8), which may have a security issue. |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.4/common/ping.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.4/common/ping.patch"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
<a name=ipqrace></a> |
<li><a name="ipqrace"></a> |
<li><font color="#009000"><strong>SECURITY FIX</strong></font><br> |
<font color="#009000"><strong>SECURITY FIX</strong></font><br> |
A race condition in IP ipq handling could permit a remote crash. |
A race condition in IP ipq handling could permit a remote crash. |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.4/common/ipqrace.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.4/common/ipqrace.patch"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
It must be installed after <a href="errata24.html#maxqueue">the maxqueue patch</a>. |
It must be installed after <a href="errata24.html#maxqueue">the maxqueue patch</a>. |
and <a href="errata24.html#tcpfix">the tcp decoding patch</a>. |
and <a href="errata24.html#tcpfix">the tcp decoding patch</a>. |
<p> |
<p> |
<a name=accept></a> |
<li><a name="accept"></a> |
<li><font color="#009000"><strong>SECURITY FIX</strong></font><br> |
<font color="#009000"><strong>SECURITY FIX</strong></font><br> |
A race condition existed between accept(2) and select(2) which could |
A race condition existed between accept(2) and select(2) which could |
permit an attacker to hang sockets from remote. |
permit an attacker to hang sockets from remote. |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.4/common/accept.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.4/common/accept.patch"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
<a name=maxqueue></a> |
<li><a name="maxqueue"></a> |
<li><font color="#009000"><strong>SECURITY FIX</strong></font><br> |
<font color="#009000"><strong>SECURITY FIX</strong></font><br> |
IP fragment assembly can bog the machine excessively and cause problems. |
IP fragment assembly can bog the machine excessively and cause problems. |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.4/common/maxqueue.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.4/common/maxqueue.patch"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
<a name=uio></a> |
<li><a name="uio"></a> |
<li><font color="#009000"><strong>FUNCTIONALITY FIX</strong></font><br> |
<font color="#009000"><strong>FUNCTIONALITY FIX</strong></font><br> |
The readv(2) and writev(2) system calls would not accept a <em>struct iovec</em> |
The readv(2) and writev(2) system calls would not accept a <em>struct iovec</em> |
with an <strong>iov_len</strong> of 0. This causes a db test in perl to fail. |
with an <strong>iov_len</strong> of 0. This causes a db test in perl to fail. |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.4/common/uio.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.4/common/uio.patch"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
<a name=rst></a> |
<li><a name="rst"></a> |
<li><font color="#009000"><strong>SECURITY FIX</strong></font><br> |
<font color="#009000"><strong>SECURITY FIX</strong></font><br> |
TCP/IP RST handling was too sloppy. |
TCP/IP RST handling was too sloppy. |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.4/common/rst.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.4/common/rst.patch"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
<a name=kvm_mkdb></a> |
<li><a name="kvm_mkdb"></a> |
<li><font color="#009000"><strong>FUNCTIONALITY FIX</strong></font><br> |
<font color="#009000"><strong>FUNCTIONALITY FIX</strong></font><br> |
During bootup, kvm_mkdb may exit with the error "kvm_mkdb: cannot allocate |
During bootup, kvm_mkdb may exit with the error "kvm_mkdb: cannot allocate |
memory". |
memory". |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.4/common/kvm_mkdb.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.4/common/kvm_mkdb.patch"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
<a name=nfs3_solaris7></a> |
<li><a name="nfs3_solaris7"></a> |
<li><font color="#009000"><strong>FUNCTIONALITY FIX</strong></font><br> |
<font color="#009000"><strong>FUNCTIONALITY FIX</strong></font><br> |
A problem with writing to NFS version 3 mounted filesystems from Solaris 7 |
A problem with writing to NFS version 3 mounted filesystems from Solaris 7 |
hosts exists. Attempts to create files will result in a error such as |
hosts exists. Attempts to create files will result in a error such as |
"Inappropriate file type or format". |
"Inappropriate file type or format". |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.4/common/nfs3_solaris7.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.4/common/nfs3_solaris7.patch"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
<a name=nfs3></a> |
<li><a name="nfs3"></a> |
<li><font color="#009000"><strong>FUNCTIONALITY FIX</strong></font><br> |
<font color="#009000"><strong>FUNCTIONALITY FIX</strong></font><br> |
A problem with NFS version 3 mounts on big endian machines (m68k, sparc |
A problem with NFS version 3 mounts on big endian machines (m68k, sparc |
and powerpc) exists when mounting filesystems larger than 2gig. You |
and powerpc) exists when mounting filesystems larger than 2gig. You |
can see evidence of the bug by running df(1) and checking for negative |
can see evidence of the bug by running df(1) and checking for negative |
|
|
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.4/common/nfs3.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.4/common/nfs3.patch"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
<a name=termcap></a> |
<li><a name="termcap"></a> |
<li><font color="#009000"><strong>SECURITY FIX</strong></font><br> |
<font color="#009000"><strong>SECURITY FIX</strong></font><br> |
A security problem exists in the curses and ocurses libraries that affect |
A security problem exists in the curses and ocurses libraries that affect |
setuid programs linked with -lcurses or -locurses. |
setuid programs linked with -lcurses or -locurses. |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.4/common/termcap.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.4/common/termcap.patch"> |
|
|
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.4/i386/curses.tar.gz">i386</a> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.4/i386/curses.tar.gz">i386</a> |
platform. Unpack it in /usr/lib. |
platform. Unpack it in /usr/lib. |
<p> |
<p> |
<a name=terminfo></a> |
<li><a name="terminfo"></a> |
<li><font color="#009000"><strong>FUNCTIONALITY FIX</strong></font><br> |
<font color="#009000"><strong>FUNCTIONALITY FIX</strong></font><br> |
A workaround for an xterm problem that causes <strong>vi</strong> to not |
A workaround for an xterm problem that causes <strong>vi</strong> to not |
restore the correct cursor position on exit. |
restore the correct cursor position on exit. |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.4/common/terminfo.src.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.4/common/terminfo.src.patch"> |
|
|
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.4/common/terminfo.db-BE.tar.gz"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.4/common/terminfo.db-BE.tar.gz"> |
big endian</a> version. |
big endian</a> version. |
<p> |
<p> |
<a name=userdir></a> |
<li><a name="userdir"></a> |
<li><font color="#009000"><strong>FUNCTIONALITY FIX</strong></font><br> |
<font color="#009000"><strong>FUNCTIONALITY FIX</strong></font><br> |
<strong>userdir</strong> support was accidentally left out of httpd(8). |
<strong>userdir</strong> support was accidentally left out of httpd(8). |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.4/common/userdir.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.4/common/userdir.patch"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
<a name=bootpd></a> |
<li><a name="bootpd"></a> |
<li><font color="#009000"><strong>SECURITY FIX</strong></font><br> |
<font color="#009000"><strong>SECURITY FIX</strong></font><br> |
A remotely exploitable problem exists in bootpd(8). bootpd is disabled |
A remotely exploitable problem exists in bootpd(8). bootpd is disabled |
by default, but some people may actually be using it. |
by default, but some people may actually be using it. |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.4/common/bootpd.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.4/common/bootpd.patch"> |
A source code patch exists which remedies this problem</a>, this is the |
A source code patch exists which remedies this problem</a>, this is the |
second version of the patch. |
second version of the patch. |
<p> |
<p> |
<a name=tcpfix></a> |
<li><a name="tcpfix"></a> |
<li><font color="#009000"><strong>SECURITY FIX</strong></font><br> |
<font color="#009000"><strong>SECURITY FIX</strong></font><br> |
A remote machine lockup problem exists in the TCP decoding code. |
A remote machine lockup problem exists in the TCP decoding code. |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.4/common/tcpfix.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.4/common/tcpfix.patch"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
</ul> |
</ul> |
<a name=i386></a> |
<a name="i386"></a> |
<li><h3><font color="#e00000">i386</font></h3> |
<h3><font color="#e00000">i386</font></h3> |
<ul> |
<ul> |
<a name=tss></a> |
<li><a name="tss"></a> |
<li><font color="#009000"><strong>SECURITY FIX</strong></font><br> |
<font color="#009000"><strong>SECURITY FIX</strong></font><br> |
This is another fix for a kernel crash caused by the |
This is another fix for a kernel crash caused by the |
<strong>crashme</strong> program. |
<strong>crashme</strong> program. |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.4/i386/tss.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.4/i386/tss.patch"> |
A source code patch exists which remedies this problem.</a><br> |
A source code patch exists which remedies this problem.</a><br> |
<p> |
<p> |
<a name=bootargv></a> |
<li><a name="bootargv"></a> |
<li><font color="#009000"><strong>FUNCTIONALITY FIX</strong></font><br> |
<font color="#009000"><strong>FUNCTIONALITY FIX</strong></font><br> |
The kernel was using a fixed and hard-coded location for the arguments |
The kernel was using a fixed and hard-coded location for the arguments |
vector passed from the <strong>/boot</strong> loader. This prevented |
vector passed from the <strong>/boot</strong> loader. This prevented |
<strong>/boot</strong> from placing the boot arguments vector at any |
<strong>/boot</strong> from placing the boot arguments vector at any |
|
|
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.4/i386/bootargv.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.4/i386/bootargv.patch"> |
A source code patch exists which remedies this problem.</a><br> |
A source code patch exists which remedies this problem.</a><br> |
<p> |
<p> |
<a name=trctrap></a> |
<li><a name="trctrap"></a> |
<li><font color="#009000"><strong>SECURITY FIX</strong></font><br> |
<font color="#009000"><strong>SECURITY FIX</strong></font><br> |
i386 trace-trap handling when DDB was configured could cause a system |
i386 trace-trap handling when DDB was configured could cause a system |
crash. |
crash. |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.4/i386/trctrap.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.4/i386/trctrap.patch"> |
A source code patch exists which remedies this problem.</a><br> |
A source code patch exists which remedies this problem.</a><br> |
<p> |
<p> |
<a name=installboot></a> |
<li><a name="installboot"></a> |
<li><font color="#009000"><strong>FUNCTIONALITY FIX</strong></font><br> |
<font color="#009000"><strong>FUNCTIONALITY FIX</strong></font><br> |
i386 installboot had a sign extension bug which prevented proper bootblock |
i386 installboot had a sign extension bug which prevented proper bootblock |
initialization when the root filesystem was placed beyond 4GB. |
initialization when the root filesystem was placed beyond 4GB. |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.4/i386/installboot.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.4/i386/installboot.patch"> |
|
|
<p> |
<p> |
</ul> |
</ul> |
<p> |
<p> |
<a name=mac68k></a> |
<a name="mac68k"></a> |
<li><h3><font color="#e00000">mac68k</font></h3> |
<h3><font color="#e00000">mac68k</font></h3> |
<ul> |
<ul> |
<p> |
|
<li>No problems identified yet. |
<li>No problems identified yet. |
</ul> |
</ul> |
<p> |
<p> |
<a name=sparc></a> |
<a name="sparc"></a> |
<li><h3><font color="#e00000">sparc</font></h3> |
<h3><font color="#e00000">sparc</font></h3> |
<ul> |
<ul> |
<a name=hme></a> |
<li><a name="hme"></a> |
<li><font color="#009000"><strong>DRIVER FIX</strong></font><br> |
<font color="#009000"><strong>DRIVER FIX</strong></font><br> |
The sparc hme(4) and be(4) drivers work poorly on some types of SS-20 |
The sparc hme(4) and be(4) drivers work poorly on some types of SS-20 |
machines. This is because those machines lie, saying they support 64-bit DMA |
machines. This is because those machines lie, saying they support 64-bit DMA |
bursting. No sun4m machines support that. |
bursting. No sun4m machines support that. |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.4/sparc/hme.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.4/sparc/hme.patch"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
<a name=le></a> |
<li><a name="le"></a> |
<li><font color="#009000"><strong>DRIVER FIX</strong></font><br> |
<font color="#009000"><strong>DRIVER FIX</strong></font><br> |
The sparc le(4) driver does media changes incorrectly on one type of |
The sparc le(4) driver does media changes incorrectly on one type of |
sbus le(4) card. |
sbus le(4) card. |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.4/sparc/le.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.4/sparc/le.patch"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
</ul> |
</ul> |
<a name=amiga></a> |
<a name="amiga"></a> |
<li><h3><font color="#e00000">amiga</font></h3> |
<h3><font color="#e00000">amiga</font></h3> |
<ul> |
<ul> |
<li>No problems identified yet. |
<li>No problems identified yet. |
</ul> |
</ul> |
<p> |
<p> |
<a name=pmax></a> |
<a name="pmax"></a> |
<li><h3><font color="#e00000">pmax</font></h3> |
<h3><font color="#e00000">pmax</font></h3> |
<ul> |
<ul> |
<li>No problems identified yet. |
<li>No problems identified yet. |
</ul> |
</ul> |
<p> |
<p> |
<a name=arc></a> |
<a name="arc"></a> |
<li><h3><font color="#e00000">arc</font></h3> |
<h3><font color="#e00000">arc</font></h3> |
<ul> |
<ul> |
<li>No problems identified yet. |
<li>No problems identified yet. |
</ul> |
</ul> |
<p> |
<p> |
<a name=alpha></a> |
<a name="alpha"></a> |
<li><h3><font color="#e00000">alpha</font></h3> |
<h3><font color="#e00000">alpha</font></h3> |
<ul> |
<ul> |
<li>No problems identified yet. |
<li>No problems identified yet. |
</ul> |
</ul> |
<p> |
<p> |
<a name=hp300></a> |
<a name="hp300"></a> |
<li><h3><font color="#e00000">hp300</font></h3> |
<h3><font color="#e00000">hp300</font></h3> |
<ul> |
<ul> |
<a name=hp300X></a> |
<li><a name="hp300X"></a> |
<li><font color="#009000"><strong>FUNCTIONALITY FIX</strong></font><br> |
<font color="#009000"><strong>FUNCTIONALITY FIX</strong></font><br> |
The Xhp as shipped does not have the execute permissions set. The fix is |
The Xhp as shipped does not have the execute permissions set. The fix is |
'chmod 755 /usr/X11R6/bin/Xhp' if you have installed X. |
'chmod 755 /usr/X11R6/bin/Xhp' if you have installed X. |
<p> |
<p> |
</ul> |
</ul> |
<p> |
<p> |
<a name=mvme68k></a> |
<a name="mvme68k"></a> |
<li><h3><font color="#e00000">mvme68k</font></h3> |
<h3><font color="#e00000">mvme68k</font></h3> |
<ul> |
<ul> |
<li>No problems identified yet. |
<li>No problems identified yet. |
</ul> |
</ul> |
<p> |
<p> |
<a name=powerpc></a> |
<a name="powerpc"></a> |
<li><h3><font color="#e00000">powerpc</font></h3> |
<h3><font color="#e00000">powerpc</font></h3> |
<ul> |
<ul> |
<li>No problems identified yet. |
<li>No problems identified yet. |
</ul> |
</ul> |
|
|
|
|
|
|
<p> |
<p> |
</dl> |
|
</ul> |
|
<br> |
<br> |
|
|
<hr> |
<hr> |