===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata27.html,v
retrieving revision 1.72
retrieving revision 1.73
diff -c -r1.72 -r1.73
*** www/errata27.html 2014/10/02 14:34:45 1.72
--- www/errata27.html 2015/02/14 04:36:51 1.73
***************
*** 81,87 ****
! -
040: SECURITY FIX: Mar 18, 2001
All architectures
The readline library shipped with OpenBSD allows history files creation
--- 81,87 ----
! -
040: SECURITY FIX: Mar 18, 2001
All architectures
The readline library shipped with OpenBSD allows history files creation
***************
*** 95,101 ****
A source code patch exists which remedies this problem.
!
-
039: SECURITY FIX: Feb 22, 2001
All architectures
There is an exploitable heap corruption bug in
--- 95,101 ----
A source code patch exists which remedies this problem.
!
-
039: SECURITY FIX: Feb 22, 2001
All architectures
There is an exploitable heap corruption bug in
***************
*** 104,123 ****
A source code patch exists which remedies this problem.
!
-
037: SECURITY FIX: Dec 4, 2000
All architectures
OpenBSD 2.7's ftpd contains a one-byte overflow in the replydirname() function.
A source code patch exists which remedies this problem.
!
-
036: RELIABILITY FIX: Nov 17, 2000
Configuring a qec+qe causes a NMI panic.
A source code patch exists which remedies this problem.
!
-
035: SECURITY FIX: Nov 10, 2000
All architectures
Hostile servers can force OpenSSH clients to do agent or X11 forwarding.
--- 104,123 ----
A source code patch exists which remedies this problem.
!
-
037: SECURITY FIX: Dec 4, 2000
All architectures
OpenBSD 2.7's ftpd contains a one-byte overflow in the replydirname() function.
A source code patch exists which remedies this problem.
!
-
036: RELIABILITY FIX: Nov 17, 2000
Configuring a qec+qe causes a NMI panic.
A source code patch exists which remedies this problem.
!
-
035: SECURITY FIX: Nov 10, 2000
All architectures
Hostile servers can force OpenSSH clients to do agent or X11 forwarding.
***************
*** 125,145 ****
A source code patch exists which remedies this problem.
!
-
034: RELIABILITY FIX: Nov 10, 2000
When running a sparc with a serial console, certain types of interrupts would
cause great grief.
A source code patch exists which remedies this problem.
!
-
033: RELIABILITY FIX: Nov 6, 2000
All architectures
Invalid fields in the exec header could cause a crash.
A source code patch exists which remedies this problem.
!
-
032: SECURITY FIX: Oct 26, 2000
All architectures
There are two possibly exploitable potential buffer overflows in the X11
--- 125,145 ----
A source code patch exists which remedies this problem.
!
-
034: RELIABILITY FIX: Nov 10, 2000
When running a sparc with a serial console, certain types of interrupts would
cause great grief.
A source code patch exists which remedies this problem.
!
-
033: RELIABILITY FIX: Nov 6, 2000
All architectures
Invalid fields in the exec header could cause a crash.
A source code patch exists which remedies this problem.
!
-
032: SECURITY FIX: Oct 26, 2000
All architectures
There are two possibly exploitable potential buffer overflows in the X11
***************
*** 151,157 ****
A source code patch exists which remedies this problem.
!
-
031: SECURITY FIX: Oct 18, 2000
All architectures
Apache has several bugs in mod_rewrite and mod_vhost_alias
--- 151,157 ----
A source code patch exists which remedies this problem.
!
-
031: SECURITY FIX: Oct 18, 2000
All architectures
Apache has several bugs in mod_rewrite and mod_vhost_alias
***************
*** 162,168 ****
A source code patch exists which remedies this problem.
!
-
030: SECURITY FIX: Oct 10, 2000
All architectures
The telnet daemon does not strip out the TERMINFO, TERMINFO_DIRS, TERMPATH
--- 162,168 ----
A source code patch exists which remedies this problem.
!
-
030: SECURITY FIX: Oct 10, 2000
All architectures
The telnet daemon does not strip out the TERMINFO, TERMINFO_DIRS, TERMPATH
***************
*** 171,177 ****
A source code patch exists which remedies this problem.
!
-
029: RELIABILITY FIX: Oct 9, 2000
All architectures
There is a non-exploitable buffer overflow in sendmail's test mode.
--- 171,177 ----
A source code patch exists which remedies this problem.
!
-
029: RELIABILITY FIX: Oct 9, 2000
All architectures
There is a non-exploitable buffer overflow in sendmail's test mode.
***************
*** 179,185 ****
A source code patch exists which remedies this problem.
!
-
028: SECURITY FIX: Oct 6, 2000
All architectures
There are printf-style format string bugs in several privileged programs.
--- 179,185 ----
A source code patch exists which remedies this problem.
!
-
028: SECURITY FIX: Oct 6, 2000
All architectures
There are printf-style format string bugs in several privileged programs.
***************
*** 187,193 ****
A source code patch exists which remedies this problem.
!
-
027: SECURITY FIX: Oct 6, 2000
All architectures
libcurses honored terminal descriptions in the $HOME/.terminfo directory
--- 187,193 ----
A source code patch exists which remedies this problem.
!
-
027: SECURITY FIX: Oct 6, 2000
All architectures
libcurses honored terminal descriptions in the $HOME/.terminfo directory
***************
*** 197,203 ****
A source code patch exists which remedies this problem.
!
-
026: SECURITY FIX: Oct 6, 2000
All architectures
A format string vulnerability exists in talkd(8). It is not clear
--- 197,203 ----
A source code patch exists which remedies this problem.
!
-
026: SECURITY FIX: Oct 6, 2000
All architectures
A format string vulnerability exists in talkd(8). It is not clear
***************
*** 206,212 ****
A source code patch exists which remedies this problem.
!
-
025: SECURITY FIX: Oct 3, 2000
All architectures
A format string vulnerability exists in the pw_error(3) function. This
--- 206,212 ----
A source code patch exists which remedies this problem.
!
-
025: SECURITY FIX: Oct 3, 2000
All architectures
A format string vulnerability exists in the pw_error(3) function. This
***************
*** 218,231 ****
A source code patch exists which remedies this problem.
!
-
024: SECURITY FIX: Sep 18, 2000
All architectures
Bad ESP/AH packets could cause a crash under certain conditions.
A source code patch exists which remedies this problem.
!
-
023: SECURITY FIX: Aug 16, 2000
All architectures
A format string vulnerability exists in xlock. As a workaround which disables
--- 218,231 ----
A source code patch exists which remedies this problem.
!
-
024: SECURITY FIX: Sep 18, 2000
All architectures
Bad ESP/AH packets could cause a crash under certain conditions.
A source code patch exists which remedies this problem.
!
-
023: SECURITY FIX: Aug 16, 2000
All architectures
A format string vulnerability exists in xlock. As a workaround which disables
***************
*** 236,242 ****
A source code patch exists which remedies this problem.
!
-
022: INSTALLATION FIX: July 14, 2000
The MacOS installer shipped with OpenBSD 2.7 does not correctly make all
--- 236,242 ----
A source code patch exists which remedies this problem.
!
-
022: INSTALLATION FIX: July 14, 2000
The MacOS installer shipped with OpenBSD 2.7 does not correctly make all
***************
*** 255,261 ****
After doing this (and possibly installing one of the ssl27 packages),
reboot your machine and it will generate ssh keys correctly.
!
-
021: SECURITY FIX: July 14, 2000
All architectures
Various problems in X11 libraries have various side effects. We provide a
--- 255,261 ----
After doing this (and possibly installing one of the ssl27 packages),
reboot your machine and it will generate ssh keys correctly.
!
-
021: SECURITY FIX: July 14, 2000
All architectures
Various problems in X11 libraries have various side effects. We provide a
***************
*** 287,293 ****
ignore the build error. The whatis database will be rebuilt the next
time /etc/weekly runs.
!
-
020: KERNEL BUG: July 10, 2000
As originally shipped, the pmax port would fail to install due to
/kern/msgbuf bugs.
--- 287,293 ----
ignore the build error. The whatis database will be rebuilt the next
time /etc/weekly runs.
!
-
020: KERNEL BUG: July 10, 2000
As originally shipped, the pmax port would fail to install due to
/kern/msgbuf bugs.
***************
*** 301,307 ****
A source code patch exists which remedies this problem.
!
-
019: SECURITY FIX: July 5, 2000
All architectures
Just like pretty much all the other unix ftp daemons on the planet,
--- 301,307 ----
A source code patch exists which remedies this problem.
!
-
019: SECURITY FIX: July 5, 2000
All architectures
Just like pretty much all the other unix ftp daemons on the planet,
***************
*** 311,317 ****
A source code patch exists which remedies this problem.
!
-
018: SECURITY FIX: July 5, 2000
All architectures
Mopd contained a buffer overflow.
--- 311,317 ----
A source code patch exists which remedies this problem.
!
-
018: SECURITY FIX: July 5, 2000
All architectures
Mopd contained a buffer overflow.
***************
*** 319,325 ****
A source code patch exists which remedies this problem.
!
-
017: INSTALLATION FIX: July 3, 2000
All architectures
The screen package shipped with 2.7 does not install itself properly. The
--- 319,325 ----
A source code patch exists which remedies this problem.
!
-
017: INSTALLATION FIX: July 3, 2000
All architectures
The screen package shipped with 2.7 does not install itself properly. The
***************
*** 330,336 ****
A source code patch exists which remedies this problem.
!
-
016: DRIVER BUG: July 2, 2000
The xl(4)
driver supporting various 3com cards, had a bug which prevented the multicast
--- 330,336 ----
A source code patch exists which remedies this problem.
!
-
016: DRIVER BUG: July 2, 2000
The xl(4)
driver supporting various 3com cards, had a bug which prevented the multicast
***************
*** 340,346 ****
A source code patch exists which remedies this problem.
!
-
015: DRIVER BUG: June 30, 2000
The ste(4)
driver supporting Ethernet cards based on the Sundance ST201 chipset
--- 340,346 ----
A source code patch exists which remedies this problem.
!
-
015: DRIVER BUG: June 30, 2000
The ste(4)
driver supporting Ethernet cards based on the Sundance ST201 chipset
***************
*** 350,356 ****
A source code patch exists which remedies this problem.
!
-
014: DRIVER BUG: June 30, 2000
The PC console driver (PCVT) has two bugs. Display problems can result if
reverse video mode is turned on or off twice in a row. This patch also
--- 350,356 ----
A source code patch exists which remedies this problem.
!
-
014: DRIVER BUG: June 30, 2000
The PC console driver (PCVT) has two bugs. Display problems can result if
reverse video mode is turned on or off twice in a row. This patch also
***************
*** 361,367 ****
A source code patch exists which remedies this problem.
This is the second revision of the patch.
!
-
013: SECURITY FIX: June 28, 2000
All architectures
libedit would check for a .editrc file in the current directory.
--- 361,367 ----
A source code patch exists which remedies this problem.
This is the second revision of the patch.
!
-
013: SECURITY FIX: June 28, 2000
All architectures
libedit would check for a .editrc file in the current directory.
***************
*** 371,377 ****
A source code patch exists which remedies this problem.
!
-
012: SECURITY FIX: June 24, 2000
All architectures
A serious bug in dhclient(8) could allow strings from a malicious dhcp
--- 371,377 ----
A source code patch exists which remedies this problem.
!
-
012: SECURITY FIX: June 24, 2000
All architectures
A serious bug in dhclient(8) could allow strings from a malicious dhcp
***************
*** 380,386 ****
A source code patch exists which remedies this problem.
!
-
011: DRIVER BUG: June 17, 2000
The an(4)
Aironet Communications 4500/4800 IEEE 802.11DS driver has a bug which prevents
--- 380,386 ----
A source code patch exists which remedies this problem.
!
-
011: DRIVER BUG: June 17, 2000
The an(4)
Aironet Communications 4500/4800 IEEE 802.11DS driver has a bug which prevents
***************
*** 389,395 ****
A source code patch exists which remedies this problem.
!
-
010: CD DISTRIBUTION ERROR: June 15, 2000
On the 2.7 CD media, the amiga distribution contains two pairs of archives
files for installation, ie:
--- 389,395 ----
A source code patch exists which remedies this problem.
!
-
010: CD DISTRIBUTION ERROR: June 15, 2000
On the 2.7 CD media, the amiga distribution contains two pairs of archives
files for installation, ie:
***************
*** 412,418 ****
the *.tar.gz versions.
The FTP area sets do not suffer from this problem.
!
-
009: SECURITY FIX: June 9, 2000
All architectures
A serious bug in isakmpd(8) policy handling wherein policy
--- 412,418 ----
the *.tar.gz versions.
The FTP area sets do not suffer from this problem.
!
-
009: SECURITY FIX: June 9, 2000
All architectures
A serious bug in isakmpd(8) policy handling wherein policy
***************
*** 421,427 ****
A source code patch exists which remedies this problem.
!
-
008: RELIABILITY FIX: June 8, 2000
All architectures
Some operations in msdosfs could result in a system panic.
--- 421,427 ----
A source code patch exists which remedies this problem.
!
-
008: RELIABILITY FIX: June 8, 2000
All architectures
Some operations in msdosfs could result in a system panic.
***************
*** 429,435 ****
A source code patch exists which remedies this problem.
!
-
007: RELIABILITY FIX: June 8, 2000
All architectures
NFS exporting of CD filesystems caused a system panic.
--- 429,435 ----
A source code patch exists which remedies this problem.
!
-
007: RELIABILITY FIX: June 8, 2000
All architectures
NFS exporting of CD filesystems caused a system panic.
***************
*** 437,450 ****
A source code patch exists which remedies this problem.
!
-
006: SECURITY FIX: June 6, 2000
All architectures
The non-default UseLogin feature in /etc/sshd_config is broken and should not
be used. On other operating systems, it results in a hole.
Avoid use of this feature, or update to OpenSSH 2.1.1 or later if you must use it.
!
-
005: RELIABILITY FIX: May 29, 2000
All architectures
Parse IPv4 options more carefully. It is not yet clear if this can even be used
--- 437,450 ----
A source code patch exists which remedies this problem.
!
-
006: SECURITY FIX: June 6, 2000
All architectures
The non-default UseLogin feature in /etc/sshd_config is broken and should not
be used. On other operating systems, it results in a hole.
Avoid use of this feature, or update to OpenSSH 2.1.1 or later if you must use it.
!
-
005: RELIABILITY FIX: May 29, 2000
All architectures
Parse IPv4 options more carefully. It is not yet clear if this can even be used
***************
*** 453,459 ****
A source code patch exists which remedies this problem.
!
-
004: RELIABILITY FIX: May 29, 2000
All architectures
Certain routing table modifications by the superuser could cause a system panic.
--- 453,459 ----
A source code patch exists which remedies this problem.
!
-
004: RELIABILITY FIX: May 29, 2000
All architectures
Certain routing table modifications by the superuser could cause a system panic.
***************
*** 461,467 ****
A source code patch exists which remedies this problem.
!
-
003: SECURITY FIX: May 26, 2000
All architectures
It is possible to bypass the learning flag on an interface if frames
--- 461,467 ----
A source code patch exists which remedies this problem.
!
-
003: SECURITY FIX: May 26, 2000
All architectures
It is possible to bypass the learning flag on an interface if frames
***************
*** 471,477 ****
A source code patch exists which remedies this problem.
!
-
002: DRIVER FIX: May 26, 2000
All architectures
The
--- 471,477 ----
A source code patch exists which remedies this problem.
!
-
002: DRIVER FIX: May 26, 2000
All architectures
The
***************
*** 481,487 ****
A source code patch exists which remedies this problem.
!
-
001: SECURITY FIX: May 25, 2000
All architectures
A misuse of ipf(8)
--- 481,487 ----
A source code patch exists which remedies this problem.
!
-
001: SECURITY FIX: May 25, 2000
All architectures
A misuse of ipf(8)