=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/errata24.html,v retrieving revision 1.46 retrieving revision 1.47 diff -u -r1.46 -r1.47 --- www/errata24.html 2010/03/08 21:53:37 1.46 +++ www/errata24.html 2010/07/08 19:00:07 1.47 @@ -53,7 +53,7 @@
- + You can also fetch a tar.gz file containing all the following patches. This file is updated once a day. @@ -69,38 +69,38 @@ RELIABILITY FIX
A local user can crash the system by reading a file larger than 64meg from an ext2fs partition. - + A source code patch exists which remedies this problem.

  • RELIABILITY FIX
    A local user can crash the system because of a bug in the vfs layer. - + A source code patch exists which remedies this problem.

  • SECURITY FIX
    A machine crash is possible when playing with poll(2). - + A source code patch exists which remedies this problem.

  • SECURITY FIX
    A machine crash is possible when playing with link(2) on FFS. - + A source code patch exists which remedies this problem. This is version four of the patch.

  • SECURITY FIX
    A buffer overflow existed in ping(8), which may have a security issue. - + A source code patch exists which remedies this problem.

  • SECURITY FIX
    A race condition in IP ipq handling could permit a remote crash. - + A source code patch exists which remedies this problem. It must be installed after the maxqueue patch. and the tcp decoding patch. @@ -109,33 +109,33 @@ SECURITY FIX
    A race condition existed between accept(2) and select(2) which could permit an attacker to hang sockets from remote. - + A source code patch exists which remedies this problem.

  • SECURITY FIX
    IP fragment assembly can bog the machine excessively and cause problems. - + A source code patch exists which remedies this problem.

  • FUNCTIONALITY FIX
    The readv(2) and writev(2) system calls would not accept a struct iovec with an iov_len of 0. This causes a db test in perl to fail. - + A source code patch exists which remedies this problem.

  • SECURITY FIX
    TCP/IP RST handling was too sloppy. - + A source code patch exists which remedies this problem.

  • FUNCTIONALITY FIX
    During bootup, kvm_mkdb may exit with the error "kvm_mkdb: cannot allocate memory". - + A source code patch exists which remedies this problem.

  • @@ -143,7 +143,7 @@ A problem with writing to NFS version 3 mounted filesystems from Solaris 7 hosts exists. Attempts to create files will result in an error such as "Inappropriate file type or format". - + A source code patch exists which remedies this problem.

  • @@ -152,53 +152,53 @@ and powerpc) exists when mounting filesystems larger than 2gig. You can see evidence of the bug by running df(1) and checking for negative partition sizes. - + A source code patch exists which remedies this problem.

  • SECURITY FIX
    A security problem exists in the curses and ocurses libraries that affect setuid programs linked with -lcurses or -locurses. - + A source code patch exists which remedies this problem.
    Precompiled versions of libcurses and libocurses exist for the -i386 +i386 platform. Unpack it in /usr/lib.

  • FUNCTIONALITY FIX
    A workaround for an xterm problem that causes vi to not restore the correct cursor position on exit. - + A source code patch exists which remedies this problem.
    Alternately, you can also download a pre-compiled terminfo file to be installed as /usr/share/misc/terminfo.db. For i386, alpha and mips, use the - + little endian version. For sparc, m68k and powerpc, use the - + big endian version.

  • FUNCTIONALITY FIX
    userdir support was accidentally left out of httpd(8). - + A source code patch exists which remedies this problem.

  • SECURITY FIX
    A remotely exploitable problem exists in bootpd(8). bootpd is disabled by default, but some people may actually be using it. - + A source code patch exists which remedies this problem, this is the second version of the patch.

  • SECURITY FIX
    A remote machine lockup problem exists in the TCP decoding code. - + A source code patch exists which remedies this problem.

    @@ -209,7 +209,7 @@ SECURITY FIX
    This is another fix for a kernel crash caused by the crashme program. - + A source code patch exists which remedies this problem.

  • @@ -221,21 +221,21 @@ stage. In 2.5, the bootblocks will be modified to use a new location. Hence, if you wish old kernels to boot on a new bootblock, those kernels will only work if they were linked with this patch. - + A source code patch exists which remedies this problem.

  • SECURITY FIX
    i386 trace-trap handling when DDB was configured could cause a system crash. - + A source code patch exists which remedies this problem.

  • FUNCTIONALITY FIX
    i386 installboot had a sign extension bug which prevented proper bootblock initialization when the root filesystem was placed beyond 4GB. - + A source code patch exists which remedies this problem.
    Unfortunately, updated 2.4 install floppies are not available. Just ensure that your root filesystem is below 4GB, for now. @@ -256,14 +256,14 @@ The sparc hme(4) and be(4) drivers work poorly on some types of SS-20 machines. This is because those machines lie, saying they support 64-bit DMA bursting. No sun4m machines support that. - + A source code patch exists which remedies this problem.

  • DRIVER FIX
    The sparc le(4) driver does media changes incorrectly on one type of sbus le(4) card. - + A source code patch exists which remedies this problem.

    @@ -354,7 +354,7 @@

    OpenBSD www@openbsd.org -
    $OpenBSD: errata24.html,v 1.46 2010/03/08 21:53:37 deraadt Exp $ +
    $OpenBSD: errata24.html,v 1.47 2010/07/08 19:00:07 sthen Exp $