version 1.89, 2017/03/28 06:41:18 |
version 1.90, 2017/06/26 17:18:57 |
|
|
<i>All architectures</i><br> |
<i>All architectures</i><br> |
The readline library shipped with OpenBSD allows history files creation |
The readline library shipped with OpenBSD allows history files creation |
with a permissive |
with a permissive |
<a href="http://man.openbsd.org/OpenBSD-2.7/umask.2">umask(2)</a>. |
<a href="https://man.openbsd.org/OpenBSD-2.7/umask.2">umask(2)</a>. |
This can lead to the leakage of sensitive information in applications |
This can lead to the leakage of sensitive information in applications |
that use passwords and the like during user interaction (one such |
that use passwords and the like during user interaction (one such |
application is mysql). Additionally, if the HOME environment variable |
application is mysql). Additionally, if the HOME environment variable |
|
|
<font color="#009000"><strong>039: SECURITY FIX: Feb 22, 2001</strong></font> |
<font color="#009000"><strong>039: SECURITY FIX: Feb 22, 2001</strong></font> |
<i>All architectures</i><br> |
<i>All architectures</i><br> |
There is an exploitable heap corruption bug in |
There is an exploitable heap corruption bug in |
<a href="http://man.openbsd.org/OpenBSD-2.7/sudo.8">sudo</a>. |
<a href="https://man.openbsd.org/OpenBSD-2.7/sudo.8">sudo</a>. |
<br> |
<br> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/2.7/common/038_named.patch"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/2.7/common/038_named.patch"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
|
|
<p> |
<p> |
<li id="xlhash"> |
<li id="xlhash"> |
<font color="#009000"><strong>016: DRIVER BUG: July 2, 2000</strong></font><br> |
<font color="#009000"><strong>016: DRIVER BUG: July 2, 2000</strong></font><br> |
The <a href="http://man.openbsd.org/OpenBSD-2.7/xl.4">xl(4)</a> |
The <a href="https://man.openbsd.org/OpenBSD-2.7/xl.4">xl(4)</a> |
driver supporting various 3com cards, had a bug which prevented the multicast |
driver supporting various 3com cards, had a bug which prevented the multicast |
filter from working correctly on the 3c905B, thus preventing many IPv6 things |
filter from working correctly on the 3c905B, thus preventing many IPv6 things |
from working. |
from working. |
|
|
<p> |
<p> |
<li id="ste"> |
<li id="ste"> |
<font color="#009000"><strong>015: DRIVER BUG: June 30, 2000</strong></font><br> |
<font color="#009000"><strong>015: DRIVER BUG: June 30, 2000</strong></font><br> |
The <a href="http://man.openbsd.org/OpenBSD-2.7/ste.4">ste(4)</a> |
The <a href="https://man.openbsd.org/OpenBSD-2.7/ste.4">ste(4)</a> |
driver supporting Ethernet cards based on the Sundance ST201 chipset |
driver supporting Ethernet cards based on the Sundance ST201 chipset |
(i.e., the D-Link 550TX) has a bug which causes the machine to panic at |
(i.e., the D-Link 550TX) has a bug which causes the machine to panic at |
boot-time. |
boot-time. |
|
|
<p> |
<p> |
<li id="if_an"> |
<li id="if_an"> |
<font color="#009000"><strong>011: DRIVER BUG: June 17, 2000</strong></font><br> |
<font color="#009000"><strong>011: DRIVER BUG: June 17, 2000</strong></font><br> |
The <a href="http://man.openbsd.org/OpenBSD-2.7/an.4">an(4)</a> |
The <a href="https://man.openbsd.org/OpenBSD-2.7/an.4">an(4)</a> |
Aironet Communications 4500/4800 IEEE 802.11DS driver has a bug which prevents |
Aironet Communications 4500/4800 IEEE 802.11DS driver has a bug which prevents |
<a href="http://man.openbsd.org/OpenBSD-2.7/ancontrol.8">ancontrol(8)</a> from working correctly, instead causing a panic. |
<a href="https://man.openbsd.org/OpenBSD-2.7/ancontrol.8">ancontrol(8)</a> from working correctly, instead causing a panic. |
<br> |
<br> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/2.7/i386/011_an.patch"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/2.7/i386/011_an.patch"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
|
|
<i>All architectures</i><br> |
<i>All architectures</i><br> |
It is possible to bypass the <i>learning</i> flag on an interface if frames |
It is possible to bypass the <i>learning</i> flag on an interface if frames |
go directly to the machine acting as a |
go directly to the machine acting as a |
<a href="http://man.openbsd.org/OpenBSD-2.7/bridge.4">bridge</a>. |
<a href="https://man.openbsd.org/OpenBSD-2.7/bridge.4">bridge</a>. |
<br> |
<br> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/2.7/common/003_bridge.patch"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/2.7/common/003_bridge.patch"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
|
|
<font color="#009000"><strong>002: DRIVER FIX: May 26, 2000</strong></font> |
<font color="#009000"><strong>002: DRIVER FIX: May 26, 2000</strong></font> |
<i>All architectures</i><br> |
<i>All architectures</i><br> |
The |
The |
<a href="http://man.openbsd.org/OpenBSD-2.7/ef.4">ef(4)</a> |
<a href="https://man.openbsd.org/OpenBSD-2.7/ef.4">ef(4)</a> |
driver will complain when adding an address with ifconfig |
driver will complain when adding an address with ifconfig |
(ifconfig: SIOCAIFADDR: Invalid argument).<br> |
(ifconfig: SIOCAIFADDR: Invalid argument).<br> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/2.7/common/002_ef.patch"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/2.7/common/002_ef.patch"> |