www/errata27.html - diff

Return to errata27.html CVS log

Up to [local] / www

Diff for /www/errata27.html between version 1.54 and 1.55

version 1.54, 2010/03/08 21:53:37

version 1.55, 2010/07/08 19:00:07

Line 53

<hr>

You can also fetch a tar.gz file containing all the following patches</a>.

This file is updated once a day.

Line 78

application is mysql). Additionally, if the HOME environment variable

is not set, the current working directory is used; this patch disables

the history file if HOME is not set.

<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.7/common/040_readline.patch

<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/2.7/common/040_readline.patch

">A source code patch exists which remedies the problem.</a>

Line 86

There is an exploitable heap corruption bug in

<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sudo&sektion=8">sudo</a>.

<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.7/common/038_named.patch">A source code patch exists which remedies the problem.</a>

<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/2.7/common/038_named.patch">A source code patch exists which remedies the problem.</a>

037: SECURITY FIX: Dec 4, 2000

OpenBSD 2.7's ftpd contains a one-byte overflow in the replydirname() function.

A source code patch exists which remedies the problem.</a>

035: SECURITY FIX: Nov 10, 2000

Hostile servers can force OpenSSH clients to do agent or X11 forwarding.

This problem is fixed as of OpenSSH 2.3.0.

A source code patch exists which remedies this problem.</a>

033: RELIABILITY FIX: Nov 6, 2000

Invalid fields in the exec header could cause a crash.

A source code patch exists which remedies this problem.</a>

Line 115

<a href="http://www.securityfocus.com/archive/1/139436">BUGTRAQ</a>

mailing list.

A source code patch exists which remedies this problem.</a>

Line 125

to be exposed under certain configurations when these modules are used.

(These modules are not active by default).

A source code patch exists which remedies this problem.</a>

Line 133

The telnet daemon does not strip out the TERMINFO, TERMINFO_DIRS, TERMPATH

and TERMCAP (when it starts with a '/') environment variables.

A source code patch exists which remedies this problem.</a>

029: RELIABILITY FIX: Oct 9, 2000

There is a non-exploitable buffer overflow in sendmail's test mode.

A source code patch exists which remedies this problem.</a>

028: SECURITY FIX: Oct 6, 2000

There are printf-style format string bugs in several privileged programs.

A source code patch exists which remedies this problem.</a>

Line 156

as well as in the TERMCAP environment variable for setuid and setgid

applications.

A source code patch exists which remedies this problem.</a>

Line 164

A format string vulnerability exists in talkd(8). It is not clear

yet what the impact is.

A source code patch exists which remedies this problem.</a>

Line 175

<pre>

# chmod u-s /usr/bin/chpass

</pre>

A source code patch exists which remedies this problem.</a>

024: SECURITY FIX: Sep 18, 2000

Bad ESP/AH packets could cause a crash under certain conditions.

A source code patch exists which remedies this problem.</a>

Line 191

<pre>

# chmod u-s /usr/X11R6/bin/xlock

</pre>

A source code patch exists which remedies this problem.</a>

Line 216

the XFree86 Xwrapper already has tests for bad arguments.

</ul>

A source code patch exists which remedies these problems.</a>

Note 1: tcl/tk is required to build X11 from source.

Note 2: When re-building use the command

Line 231

ftpd had a remote root hole in it. Luckily, ftpd was not enabled by default.

The problem exists if anonymous ftp is enabled.

A source code patch exists which remedies this problem.</a>

018: SECURITY FIX: July 5, 2000

Mopd contained a buffer overflow.

A source code patch exists which remedies this problem.</a>

Line 249

screen-3.9.5.tgz.old and a replacement package has been provided under the

name screen-3.9.5p1.tgz.

A source code patch exists which remedies this problem.</a>

Line 258

That behaviour is not nice; this does not turn into a security problem in

any real world situation that we know of, but a patch is available anyways.

A source code patch exists which remedies this problem.</a>

Line 266

A serious bug in dhclient(8) could allow strings from a malicious dhcp

server to be executed in the shell as root.

A source code patch exists which remedies this problem.</a>

Line 274

A serious bug in isakmpd(8) policy handling wherein policy

verification could be completely bypassed in isakmpd.

A source code patch exists which remedies this problem.</a>

008: RELIABILITY FIX: June 8, 2000

Some operations in msdosfs could result in a system panic.

A source code patch exists which remedies this problem.</a>

007: RELIABILITY FIX: June 8, 2000

NFS exporting of CD filesystems caused a system panic.

A source code patch exists which remedies this problem.</a>

Line 302

Parse IPv4 options more carefully. It is not yet clear if this can even be used

to crash the machine remote or locally.

A source code patch exists which remedies this problem.</a>

004: RELIABILITY FIX: May 29, 2000

Certain routing table modifications by the superuser could cause a system panic.

A source code patch exists which remedies this problem.</a>

Line 318

go directly to the machine acting as a

<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=bridge&sektion=4">bridge</a>.

A source code patch exists which remedies this problem.</a>

Line 327

driver will complain when adding an address with ifconfig

(ifconfig: SIOCAIFADDR: Invalid argument).

A source code patch exists which remedies this problem.</a>

001: SECURITY FIX: May 25, 2000

A misuse of ipf(8)

keep-state rules can result in firewall rules being bypassed.

A source code patch exists</a>, which remedies this problem, and updates ipf

to version 3.3.16.

Line 350

filter from working correctly on the 3c905B, thus preventing many IPv6 things

from working.

A source code patch exists which remedies this problem.</a>

Line 360

(i.e., the D-Link 550TX) has a bug which causes the machine to panic at

boot-time.

A source code patch exists which remedies this problem.</a>

Line 370

fixes a problem with scrolling region handling that has been seen by many

users trying to use the BitchX irc client with the screen program.

There is now a second revision of the source code patch which remedies this problem.</a>

Line 379

Aironet Communications 4500/4800 IEEE 802.11DS driver has a bug which prevents

<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ancontrol&sektion=8">ancontrol(8)</a> from working correctly, instead causing a panic.

A source code patch exists which remedies this problem.</a>

</ul>

Line 413

036: RELIABILITY FIX: Nov 17, 2000

Configuring a qec+qe causes a NMI panic.

A source code patch exists which remedies this problem.</a>

034: RELIABILITY FIX: Nov 10, 2000

When running a sparc with a serial console, certain types of interrupts would

cause great grief.

A source code patch exists which remedies this problem.</a>

</ul>

Line 467

<a href=stable.html>stable release source tree</a> or apply the

provided patch to a 2.7 source tree.

A source code patch exists which remedies this problem.</a>

</ul>