=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/errata25.html,v retrieving revision 1.41 retrieving revision 1.42 diff -u -r1.41 -r1.42 --- www/errata25.html 2010/03/08 21:53:37 1.41 +++ www/errata25.html 2010/07/08 19:00:07 1.42 @@ -53,7 +53,7 @@
- + You can also fetch a tar.gz file containing all the following patches. This file is updated once a day. @@ -69,7 +69,7 @@ SECURITY FIX: Aug 30, 1999
In cron(8), make sure argv[] is NULL terminated in the fake popen() and run sendmail as the user, not as root. - + A source code patch exists which remedies this problem.

  • @@ -77,13 +77,13 @@ The procfs and fdescfs filesystems had an overrun in their handling of uio_offset in their readdir() routines. (These filesystems are not enabled by default). - + A source code patch exists which remedies this problem.

  • SECURITY FIX: Aug 9, 1999
    Stop profiling (see profil(2)) when we execve() a new process. - + A source code patch exists which remedies this problem.

  • @@ -91,21 +91,21 @@ Packets that should have been handled by IPsec may be transmitted as cleartext. PF_KEY SA expirations may leak kernel resources. +href="http://ftp.openbsd.org/pub/OpenBSD/patches/2.5/common/009_ipsec_in_use.patch"> A source code patch exists which remedies this problem.

  • SECURITY FIX: Aug 5, 1999
    In /etc/rc, use mktemp(1) for motd re-writing, and change the find(1) to use -execdir. - + A source code patch exists which remedies this problem.

  • SECURITY FIX: Jul 30, 1999
    Do not permit regular users to chflags(2) or fchflags(2) on character or block devices which they may currently be the owner of. - + A source code patch exists which remedies this problem.

  • @@ -114,35 +114,35 @@ to avoid various groff features which may be security issues. On the whole, this is not really a security issue, but it was discussed on BUGTRAQ as if it is. - + A source code patch exists which remedies this problem.

  • RELIABILITY FIX: May 19, 1999
    Programs using fts(3) could dump core when given a directory structure with a very large number of entries. - + A source code patch exists which remedies this problem.

  • RELIABILITY FIX: May 19, 1999
    Sequence numbers could wrap with TCP_SACK and TCP_NEWRENO, resulting in failure to retransmit correctly. - + A source code patch exists which remedies this problem.

  • RELIABILITY FIX
    Retransmitted TCP packets could get corrupted when flowing over an IPSEC ESP tunnel. - + A source code patch exists which remedies this problem.

  • RELIABILITY FIX
    A local user can crash the system by reading a file larger than 64meg from an ext2fs partition. - + A source code patch exists which remedies this problem.

  • @@ -151,7 +151,7 @@ system running an IPsec key management daemon like photurisd or isakmpd will cause the networking subsystem to stop working after a finite amount of time. - + A source code patch exists which remedies this problem.

    @@ -163,14 +163,14 @@ This patch corrects various OpenBSD/i386 2.5 problems with Y2K. The 2.6 release (released at 1 Dec 1999) has this problem solved. This patch is just a workaround. - + A source code patch exists which remedies this problem.

  • RELIABILITY FIX
    If a user opened the brooktree device on a system where it did not exist, the kernel crashed. - + A source code patch exists which remedies this problem.

    @@ -182,8 +182,8 @@ The mac68k install utils were mistakenly left off the CD and out of the FTP install directories. These tools have now been added to the FTP install directories. See - -ftp://ftp.openbsd.org/pub/OpenBSD/2.5/mac68k/utils + +http://ftp.openbsd.org/pub/OpenBSD/2.5/mac68k/utils

    @@ -236,7 +236,7 @@ RELIABILITY FIX
    Two problems in the powerpc kernel trap handling cause severe system unreliability. - + A source code patch exists which remedies these problems.

    @@ -279,7 +279,7 @@

    OpenBSD www@openbsd.org -
    $OpenBSD: errata25.html,v 1.41 2010/03/08 21:53:37 deraadt Exp $ +
    $OpenBSD: errata25.html,v 1.42 2010/07/08 19:00:07 sthen Exp $