===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata27.html,v
retrieving revision 1.85
retrieving revision 1.86
diff -c -r1.85 -r1.86
*** www/errata27.html 2016/08/15 02:22:06 1.85
--- www/errata27.html 2016/10/16 19:11:29 1.86
***************
*** 70,76 ****
!
You can also fetch a tar.gz file containing all the following patches.
This file is updated once a day.
--- 70,76 ----
!
You can also fetch a tar.gz file containing all the following patches.
This file is updated once a day.
***************
*** 97,103 ****
application is mysql). Additionally, if the HOME environment variable
is not set, the current working directory is used; this patch disables
the history file if HOME is not set.
!
A source code patch exists which remedies this problem.
--- 97,103 ----
application is mysql). Additionally, if the HOME environment variable
is not set, the current working directory is used; this patch disables
the history file if HOME is not set.
!
A source code patch exists which remedies this problem.
***************
*** 106,125 ****
There is an exploitable heap corruption bug in
sudo.
!
A source code patch exists which remedies this problem.
037: SECURITY FIX: Dec 4, 2000
All architectures
OpenBSD 2.7's ftpd contains a one-byte overflow in the replydirname() function.
!
A source code patch exists which remedies this problem.
036: RELIABILITY FIX: Nov 17, 2000
Configuring a qec+qe causes a NMI panic.
!
A source code patch exists which remedies this problem.
--- 106,125 ----
There is an exploitable heap corruption bug in
sudo.
!
A source code patch exists which remedies this problem.
037: SECURITY FIX: Dec 4, 2000
All architectures
OpenBSD 2.7's ftpd contains a one-byte overflow in the replydirname() function.
!
A source code patch exists which remedies this problem.
036: RELIABILITY FIX: Nov 17, 2000
Configuring a qec+qe causes a NMI panic.
!
A source code patch exists which remedies this problem.
***************
*** 127,147 ****
All architectures
Hostile servers can force OpenSSH clients to do agent or X11 forwarding.
This problem is fixed as of OpenSSH 2.3.0.
!
A source code patch exists which remedies this problem.
034: RELIABILITY FIX: Nov 10, 2000
When running a sparc with a serial console, certain types of interrupts would
cause great grief.
!
A source code patch exists which remedies this problem.
033: RELIABILITY FIX: Nov 6, 2000
All architectures
Invalid fields in the exec header could cause a crash.
!
A source code patch exists which remedies this problem.
--- 127,147 ----
All architectures
Hostile servers can force OpenSSH clients to do agent or X11 forwarding.
This problem is fixed as of OpenSSH 2.3.0.
!
A source code patch exists which remedies this problem.
034: RELIABILITY FIX: Nov 10, 2000
When running a sparc with a serial console, certain types of interrupts would
cause great grief.
!
A source code patch exists which remedies this problem.
033: RELIABILITY FIX: Nov 6, 2000
All architectures
Invalid fields in the exec header could cause a crash.
!
A source code patch exists which remedies this problem.
***************
*** 153,159 ****
BUGTRAQ
mailing list.
!
A source code patch exists which remedies this problem.
--- 153,159 ----
BUGTRAQ
mailing list.
!
A source code patch exists which remedies this problem.
***************
*** 164,170 ****
to be exposed under certain configurations when these modules are used.
(These modules are not active by default).
!
A source code patch exists which remedies this problem.
--- 164,170 ----
to be exposed under certain configurations when these modules are used.
(These modules are not active by default).
!
A source code patch exists which remedies this problem.
***************
*** 173,179 ****
The telnet daemon does not strip out the TERMINFO, TERMINFO_DIRS, TERMPATH
and TERMCAP (when it starts with a '/') environment variables.
!
A source code patch exists which remedies this problem.
--- 173,179 ----
The telnet daemon does not strip out the TERMINFO, TERMINFO_DIRS, TERMPATH
and TERMCAP (when it starts with a '/') environment variables.
!
A source code patch exists which remedies this problem.
***************
*** 181,187 ****
All architectures
There is a non-exploitable buffer overflow in sendmail's test mode.
!
A source code patch exists which remedies this problem.
--- 181,187 ----
All architectures
There is a non-exploitable buffer overflow in sendmail's test mode.
!
A source code patch exists which remedies this problem.
***************
*** 189,195 ****
All architectures
There are printf-style format string bugs in several privileged programs.
!
A source code patch exists which remedies this problem.
--- 189,195 ----
All architectures
There are printf-style format string bugs in several privileged programs.
!
A source code patch exists which remedies this problem.
***************
*** 199,205 ****
as well as in the TERMCAP environment variable for setuid and setgid
applications.
!
A source code patch exists which remedies this problem.
--- 199,205 ----
as well as in the TERMCAP environment variable for setuid and setgid
applications.
!
A source code patch exists which remedies this problem.
***************
*** 208,214 ****
A format string vulnerability exists in talkd(8). It is not clear
yet what the impact is.
!
A source code patch exists which remedies this problem.
--- 208,214 ----
A format string vulnerability exists in talkd(8). It is not clear
yet what the impact is.
!
A source code patch exists which remedies this problem.
***************
*** 220,233 ****
# chmod u-s /usr/bin/chpass
!
A source code patch exists which remedies this problem.
024: SECURITY FIX: Sep 18, 2000
All architectures
Bad ESP/AH packets could cause a crash under certain conditions.
!
A source code patch exists which remedies this problem.
--- 220,233 ----
# chmod u-s /usr/bin/chpass
!
A source code patch exists which remedies this problem.
024: SECURITY FIX: Sep 18, 2000
All architectures
Bad ESP/AH packets could cause a crash under certain conditions.
!
A source code patch exists which remedies this problem.
***************
*** 238,244 ****
# chmod u-s /usr/X11R6/bin/xlock
!
A source code patch exists which remedies this problem.
--- 238,244 ----
# chmod u-s /usr/X11R6/bin/xlock
!
A source code patch exists which remedies this problem.
***************
*** 283,289 ****
the XFree86 Xwrapper already has tests for bad arguments.
!
A source code patch exists which remedies this problem.
Note 1: tcl/tk is required to build X11 from source.
Note 2: When re-building use the command
--- 283,289 ----
the XFree86 Xwrapper already has tests for bad arguments.
!
A source code patch exists which remedies this problem.
Note 1: tcl/tk is required to build X11 from source.
Note 2: When re-building use the command
***************
*** 303,309 ****
stable release source tree or apply the
provided patch to a 2.7 source tree.
!
A source code patch exists which remedies this problem.
--- 303,309 ----
stable release source tree or apply the
provided patch to a 2.7 source tree.
!
A source code patch exists which remedies this problem.
***************
*** 313,319 ****
ftpd had a remote root hole in it. Luckily, ftpd was not enabled by default.
The problem exists if anonymous ftp is enabled.
!
A source code patch exists which remedies this problem.
--- 313,319 ----
ftpd had a remote root hole in it. Luckily, ftpd was not enabled by default.
The problem exists if anonymous ftp is enabled.
!
A source code patch exists which remedies this problem.
***************
*** 321,327 ****
All architectures
Mopd contained a buffer overflow.
!
A source code patch exists which remedies this problem.
--- 321,327 ----
All architectures
Mopd contained a buffer overflow.
!
A source code patch exists which remedies this problem.
***************
*** 332,338 ****
screen-3.9.5.tgz.old and a replacement package has been provided under the
name screen-3.9.5p1.tgz.
!
A source code patch exists which remedies this problem.
--- 332,338 ----
screen-3.9.5.tgz.old and a replacement package has been provided under the
name screen-3.9.5p1.tgz.
!
A source code patch exists which remedies this problem.
***************
*** 342,348 ****
filter from working correctly on the 3c905B, thus preventing many IPv6 things
from working.
!
A source code patch exists which remedies this problem.
--- 342,348 ----
filter from working correctly on the 3c905B, thus preventing many IPv6 things
from working.
!
A source code patch exists which remedies this problem.
***************
*** 352,358 ****
(i.e., the D-Link 550TX) has a bug which causes the machine to panic at
boot-time.
!
A source code patch exists which remedies this problem.
--- 352,358 ----
(i.e., the D-Link 550TX) has a bug which causes the machine to panic at
boot-time.
!
A source code patch exists which remedies this problem.
***************
*** 362,368 ****
fixes a problem with scrolling region handling that has been seen by many
users trying to use the BitchX irc client with the screen program.
!
A source code patch exists which remedies this problem.
This is the second revision of the patch.
--- 362,368 ----
fixes a problem with scrolling region handling that has been seen by many
users trying to use the BitchX irc client with the screen program.
!
A source code patch exists which remedies this problem.
This is the second revision of the patch.
***************
*** 373,379 ****
That behaviour is not nice; this does not turn into a security problem in
any real world situation that we know of, but a patch is available anyways.
!
A source code patch exists which remedies this problem.
--- 373,379 ----
That behaviour is not nice; this does not turn into a security problem in
any real world situation that we know of, but a patch is available anyways.
!
A source code patch exists which remedies this problem.
***************
*** 382,388 ****
A serious bug in dhclient(8) could allow strings from a malicious dhcp
server to be executed in the shell as root.
!
A source code patch exists which remedies this problem.
--- 382,388 ----
A serious bug in dhclient(8) could allow strings from a malicious dhcp
server to be executed in the shell as root.
!
A source code patch exists which remedies this problem.
***************
*** 391,397 ****
Aironet Communications 4500/4800 IEEE 802.11DS driver has a bug which prevents
ancontrol(8) from working correctly, instead causing a panic.
!
A source code patch exists which remedies this problem.
--- 391,397 ----
Aironet Communications 4500/4800 IEEE 802.11DS driver has a bug which prevents
ancontrol(8) from working correctly, instead causing a panic.
!
A source code patch exists which remedies this problem.
***************
*** 423,429 ****
A serious bug in isakmpd(8) policy handling wherein policy
verification could be completely bypassed in isakmpd.
!
A source code patch exists which remedies this problem.
--- 423,429 ----
A serious bug in isakmpd(8) policy handling wherein policy
verification could be completely bypassed in isakmpd.
!
A source code patch exists which remedies this problem.
***************
*** 431,437 ****
All architectures
Some operations in msdosfs could result in a system panic.
!
A source code patch exists which remedies this problem.
--- 431,437 ----
All architectures
Some operations in msdosfs could result in a system panic.
!
A source code patch exists which remedies this problem.
***************
*** 439,445 ****
All architectures
NFS exporting of CD filesystems caused a system panic.
!
A source code patch exists which remedies this problem.
--- 439,445 ----
All architectures
NFS exporting of CD filesystems caused a system panic.
!
A source code patch exists which remedies this problem.
***************
*** 455,461 ****
Parse IPv4 options more carefully. It is not yet clear if this can even be used
to crash the machine remote or locally.
!
A source code patch exists which remedies this problem.
--- 455,461 ----
Parse IPv4 options more carefully. It is not yet clear if this can even be used
to crash the machine remote or locally.
!
A source code patch exists which remedies this problem.
***************
*** 463,469 ****
All architectures
Certain routing table modifications by the superuser could cause a system panic.
!
A source code patch exists which remedies this problem.
--- 463,469 ----
All architectures
Certain routing table modifications by the superuser could cause a system panic.
!
A source code patch exists which remedies this problem.
***************
*** 473,479 ****
go directly to the machine acting as a
bridge.
!
A source code patch exists which remedies this problem.
--- 473,479 ----
go directly to the machine acting as a
bridge.
!
A source code patch exists which remedies this problem.
***************
*** 483,489 ****
ef(4)
driver will complain when adding an address with ifconfig
(ifconfig: SIOCAIFADDR: Invalid argument).
!
A source code patch exists which remedies this problem.
--- 483,489 ----
ef(4)
driver will complain when adding an address with ifconfig
(ifconfig: SIOCAIFADDR: Invalid argument).
!
A source code patch exists which remedies this problem.
***************
*** 491,497 ****
All architectures
A misuse of ipf(8)
keep-state rules can result in firewall rules being bypassed.
!
A source code patch exists which remedies this problem.
It updates ipf to version 3.3.16.
--- 491,497 ----
All architectures
A misuse of ipf(8)
keep-state rules can result in firewall rules being bypassed.
!
A source code patch exists which remedies this problem.
It updates ipf to version 3.3.16.