[BACK]Return to errata28.html CVS log [TXT][DIR] Up to [local] / www

Diff for /www/errata28.html between version 1.93 and 1.94

version 1.93, 2019/04/02 12:46:56 version 1.94, 2019/05/27 22:55:19
Line 1 
Line 1 
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">  <!doctype html>
 <html>  <html lang=en id=errata>
 <head>  <meta charset=utf-8>
   
 <title>OpenBSD 2.8 Errata</title>  <title>OpenBSD 2.8 Errata</title>
 <meta name="description" content="the OpenBSD CD errata page">  <meta name="description" content="the OpenBSD CD errata page">
 <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">  
 <meta name="viewport" content="width=device-width, initial-scale=1">  <meta name="viewport" content="width=device-width, initial-scale=1">
 <link rel="stylesheet" type="text/css" href="openbsd.css">  <link rel="stylesheet" type="text/css" href="openbsd.css">
 <link rel="canonical" href="https://www.openbsd.org/errata28.html">  <link rel="canonical" href="https://www.openbsd.org/errata28.html">
 </head>  
   
 <!--  <!--
                         IMPORTANT REMINDER                          IMPORTANT REMINDER
         IF YOU ADD A NEW ERRATUM, MAIL THE PATCH TO TECH AND ANNOUNCE          IF YOU ADD A NEW ERRATUM, MAIL THE PATCH TO TECH AND ANNOUNCE
 -->  -->
   
 <body bgcolor="#ffffff" text="#000000" link="#23238E">  
   
 <h2>  <h2 id=OpenBSD>
 <a href="index.html">  <a href="index.html">
 <font color="#0000ff"><i>Open</i></font><font color="#000084">BSD</font></a>  <i>Open</i><b>BSD</b></a>
 <font color="#e00000">2.8 Errata</font>  2.8 Errata
 </h2>  </h2>
 <hr>  <hr>
   
Line 87 
Line 85 
   
 <ul>  <ul>
 <li id="uucp">  <li id="uucp">
 <font color="#009000"><strong>033: SECURITY FIX: September 11, 2001</strong></font>  <strong>033: SECURITY FIX: September 11, 2001</strong>
 &nbsp; <i>All architectures</i><br>  &nbsp; <i>All architectures</i><br>
 A security hole exists in <a href="https://man.openbsd.org/OpenBSD-2.8/uuxqt.8">uuxqt(8)</a>  A security hole exists in <a href="https://man.openbsd.org/OpenBSD-2.8/uuxqt.8">uuxqt(8)</a>
 that may allow an attacker to run arbitrary commands as user uucp and  that may allow an attacker to run arbitrary commands as user uucp and
Line 101 
Line 99 
 A source code patch exists which remedies this problem.</a>  A source code patch exists which remedies this problem.</a>
 <p>  <p>
 <li id="lpd">  <li id="lpd">
 <font color="#009000"><strong>032: SECURITY FIX: August 29, 2001</strong></font>  <strong>032: SECURITY FIX: August 29, 2001</strong>
 &nbsp; <i>All architectures</i><br>  &nbsp; <i>All architectures</i><br>
 A security hole exists in <a href="https://man.openbsd.org/OpenBSD-2.8/lpd.8">lpd(8)</a>  A security hole exists in <a href="https://man.openbsd.org/OpenBSD-2.8/lpd.8">lpd(8)</a>
 that may allow an attacker with line printer access to gain root  that may allow an attacker with line printer access to gain root
Line 114 
Line 112 
 A source code patch exists which remedies this problem.</a>  A source code patch exists which remedies this problem.</a>
 <p>  <p>
 <li id="sendmail2">  <li id="sendmail2">
 <font color="#009000"><strong>031: SECURITY FIX: August 21, 2001</strong></font>  <strong>031: SECURITY FIX: August 21, 2001</strong>
 &nbsp; <i>All architectures</i><br>  &nbsp; <i>All architectures</i><br>
 A security hole exists in <a href="https://man.openbsd.org/OpenBSD-2.8/sendmail.8">sendmail(8)</a>  A security hole exists in <a href="https://man.openbsd.org/OpenBSD-2.8/sendmail.8">sendmail(8)</a>
 that may allow an attacker on the local host to gain root privileges by  that may allow an attacker on the local host to gain root privileges by
Line 124 
Line 122 
 A source code patch exists which remedies this problem.</a>  A source code patch exists which remedies this problem.</a>
 <p>  <p>
 <li id="kernexec">  <li id="kernexec">
 <font color="#009000"><strong>030: SECURITY FIX: June 15, 2001</strong></font>  <strong>030: SECURITY FIX: June 15, 2001</strong>
 &nbsp; <i>All architectures</i><br>  &nbsp; <i>All architectures</i><br>
 A race condition exists in the kernel <a href="https://man.openbsd.org/OpenBSD-2.8/execve.2">execve(2)</a> implementation that opens a small window of vulnerability for a non-privileged user to <a href="https://man.openbsd.org/OpenBSD-2.8/ptrace.2">ptrace(2)</a> attach to a suid/sgid process.  A race condition exists in the kernel <a href="https://man.openbsd.org/OpenBSD-2.8/execve.2">execve(2)</a> implementation that opens a small window of vulnerability for a non-privileged user to <a href="https://man.openbsd.org/OpenBSD-2.8/ptrace.2">ptrace(2)</a> attach to a suid/sgid process.
 <br>  <br>
Line 132 
Line 130 
 A source code patch exists which remedies this problem.</a>  A source code patch exists which remedies this problem.</a>
 <p>  <p>
 <li id="fts">  <li id="fts">
 <font color="#009000"><strong>029: SECURITY FIX: May 30, 2001</strong></font>  <strong>029: SECURITY FIX: May 30, 2001</strong>
 &nbsp; <i>All architectures</i><br>  &nbsp; <i>All architectures</i><br>
 Programs using the <a href="https://man.openbsd.org/OpenBSD-2.8/fts.3">fts(3)</a>  Programs using the <a href="https://man.openbsd.org/OpenBSD-2.8/fts.3">fts(3)</a>
 routines (such as rm, find, and most programs that take a <b>-R</b>  routines (such as rm, find, and most programs that take a <b>-R</b>
Line 145 
Line 143 
 This is the second version of the patch.  This is the second version of the patch.
 <p>  <p>
 <li id="sendmail">  <li id="sendmail">
 <font color="#009000"><strong>028: SECURITY FIX: May 29, 2001</strong></font>  <strong>028: SECURITY FIX: May 29, 2001</strong>
 &nbsp; <i>All architectures</i><br>  &nbsp; <i>All architectures</i><br>
 The signal handlers in <a href="https://man.openbsd.org/OpenBSD-2.8/sendmail.8">sendmail(8)</a> contain code that is unsafe in the  The signal handlers in <a href="https://man.openbsd.org/OpenBSD-2.8/sendmail.8">sendmail(8)</a> contain code that is unsafe in the
 context of a signal handler.  This leads to potentially serious  context of a signal handler.  This leads to potentially serious
Line 156 
Line 154 
 It updates sendmail to version 8.11.4.  It updates sendmail to version 8.11.4.
 <p>  <p>
 <li id="ipf_frag">  <li id="ipf_frag">
 <font color="#009000"><strong>027: SECURITY FIX: Apr 23, 2001</strong></font>  <strong>027: SECURITY FIX: Apr 23, 2001</strong>
 &nbsp; <i>All architectures</i><br>  &nbsp; <i>All architectures</i><br>
 IPF has a serious problem with fragment caching, the bug is triggered if you use the ipf(5) syntax &quot;keep state&quot;.<br>  IPF has a serious problem with fragment caching, the bug is triggered if you use the ipf(5) syntax &quot;keep state&quot;.<br>
 <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/2.8/common/027_ipf-frag.patch">  <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/2.8/common/027_ipf-frag.patch">
 A source code patch exists which remedies this problem.</a>  A source code patch exists which remedies this problem.</a>
 <p>  <p>
 <li id="glob_limit">  <li id="glob_limit">
 <font color="#009000"><strong>026: SECURITY FIX: Apr 23, 2001</strong></font>  <strong>026: SECURITY FIX: Apr 23, 2001</strong>
 &nbsp; <i>All architectures</i><br>  &nbsp; <i>All architectures</i><br>
 <a href="https://man.openbsd.org/OpenBSD-2.8/glob.3">ftpd(8)</a> has a potential DoS related to <a href="https://man.openbsd.org/OpenBSD-2.8/glob.3">glob(3)</a>. This patch introduces a GLOB_LIMIT, eliminating the DoS. You must have <a href="#glob">025_glob.patch</a> installed before installing this patch.<br>  <a href="https://man.openbsd.org/OpenBSD-2.8/glob.3">ftpd(8)</a> has a potential DoS related to <a href="https://man.openbsd.org/OpenBSD-2.8/glob.3">glob(3)</a>. This patch introduces a GLOB_LIMIT, eliminating the DoS. You must have <a href="#glob">025_glob.patch</a> installed before installing this patch.<br>
 <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/2.8/common/026_globlimit.patch">  <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/2.8/common/026_globlimit.patch">
 A source code patch exists which remedies this problem.</a>  A source code patch exists which remedies this problem.</a>
 <p>  <p>
 <li id="glob">  <li id="glob">
 <font color="#009000"><strong>025: SECURITY FIX: Apr 10, 2001</strong></font>  <strong>025: SECURITY FIX: Apr 10, 2001</strong>
 &nbsp; <i>All architectures</i><br>  &nbsp; <i>All architectures</i><br>
 <a href="https://man.openbsd.org/OpenBSD-2.8/glob.3">glob(3)</a> contains multiple buffer overflows. <br>  <a href="https://man.openbsd.org/OpenBSD-2.8/glob.3">glob(3)</a> contains multiple buffer overflows. <br>
 <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/2.8/common/025_glob.patch">  <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/2.8/common/025_glob.patch">
 A source code patch exists which remedies this problem.</a>  A source code patch exists which remedies this problem.</a>
 <p>  <p>
 <li id="readline">  <li id="readline">
 <font color="#009000"><strong>024: SECURITY FIX: Mar 18, 2001</strong></font>  <strong>024: SECURITY FIX: Mar 18, 2001</strong>
 &nbsp; <i>All architectures</i><br>  &nbsp; <i>All architectures</i><br>
 The readline library shipped with OpenBSD allows history files creation  The readline library shipped with OpenBSD allows history files creation
 with a permissive  with a permissive
Line 189 
Line 187 
 A source code patch exists which remedies this problem.</a>  A source code patch exists which remedies this problem.</a>
 <p>  <p>
 <li id="ipsec_ah">  <li id="ipsec_ah">
 <font color="#009000"><strong>023: SECURITY FIX: Mar 2, 2001</strong></font>  <strong>023: SECURITY FIX: Mar 2, 2001</strong>
 &nbsp; <i>All architectures</i><br>  &nbsp; <i>All architectures</i><br>
 Insufficient checks in the IPSEC AH IPv4 option handling code can lead to a buffer overrun leading to a remote DoS. This option is not on by default.<br>  Insufficient checks in the IPSEC AH IPv4 option handling code can lead to a buffer overrun leading to a remote DoS. This option is not on by default.<br>
 <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/2.8/common/023_ip_ah.patch">  <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/2.8/common/023_ip_ah.patch">
 A source code patch exists which remedies this problem.</a>  A source code patch exists which remedies this problem.</a>
 <p>  <p>
 <li id="userldt">  <li id="userldt">
 <font color="#009000"><strong>022: SECURITY FIX: Mar 2, 2001</strong></font><br>  <strong>022: SECURITY FIX: Mar 2, 2001</strong><br>
 The <b>USER_LDT</b> kernel option allows an attacker to gain access to privileged areas of kernel memory. This option is not on by default.  The <b>USER_LDT</b> kernel option allows an attacker to gain access to privileged areas of kernel memory. This option is not on by default.
 <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/2.8/i386/022_userltd.patch">  <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/2.8/i386/022_userltd.patch">
 A source code patch exists which remedies this problem.</a>  A source code patch exists which remedies this problem.</a>
 <p>  <p>
 <li id="sudo">  <li id="sudo">
 <font color="#009000"><strong>021: SECURITY FIX: Feb 22, 2001</strong></font>  <strong>021: SECURITY FIX: Feb 22, 2001</strong>
 &nbsp; <i>All architectures</i><br>  &nbsp; <i>All architectures</i><br>
 There is an exploitable heap corruption bug in  There is an exploitable heap corruption bug in
 <a href="https://man.openbsd.org/OpenBSD-2.8/sudo.8">sudo</a>.  <a href="https://man.openbsd.org/OpenBSD-2.8/sudo.8">sudo</a>.
Line 211 
Line 209 
 A source code patch exists which remedies this problem.</a>  A source code patch exists which remedies this problem.</a>
 <p>  <p>
 <li id="libwrap">  <li id="libwrap">
 <font color="#009000"><strong>020: IMPLEMENTATION FIX: Feb 15, 2001</strong></font>  <strong>020: IMPLEMENTATION FIX: Feb 15, 2001</strong>
 &nbsp; <i>All architectures</i><br>  &nbsp; <i>All architectures</i><br>
 Client side ident protocol was broken in libwrap, affecting anything using libwrap including <a href="https://man.openbsd.org/OpenBSD-2.8/tcpd.8">tcpd</a>. The effect of this was that libwrap would never retrieve and log ident values from remote hosts on connections.<br>  Client side ident protocol was broken in libwrap, affecting anything using libwrap including <a href="https://man.openbsd.org/OpenBSD-2.8/tcpd.8">tcpd</a>. The effect of this was that libwrap would never retrieve and log ident values from remote hosts on connections.<br>
 <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/2.8/common/020_libwrap.patch">  <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/2.8/common/020_libwrap.patch">
 A source code patch exists which remedies this problem.</a>  A source code patch exists which remedies this problem.</a>
 <p>  <p>
 <li id="lepci">  <li id="lepci">
 <font color="#009000"><strong>019: IMPLEMENTATION FIX: Jan 31, 2001</strong></font>  <strong>019: IMPLEMENTATION FIX: Jan 31, 2001</strong>
 &nbsp; <i>All architectures</i><br>  &nbsp; <i>All architectures</i><br>
 Fix memory allocation in the PCI LANCE driver, <a href="https://man.openbsd.org/OpenBSD-2.8/le.4">le</a>.  A side effect of this is that OpenBSD under VMWare now works again.<br>  Fix memory allocation in the PCI LANCE driver, <a href="https://man.openbsd.org/OpenBSD-2.8/le.4">le</a>.  A side effect of this is that OpenBSD under VMWare now works again.<br>
 <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/2.8/common/019_lepci.patch">  <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/2.8/common/019_lepci.patch">
 A source code patch exists which remedies this problem.</a>  A source code patch exists which remedies this problem.</a>
 <p>  <p>
 <li id="named">  <li id="named">
 <font color="#009000"><strong>018: SECURITY FIX: Jan 29, 2001</strong></font>  <strong>018: SECURITY FIX: Jan 29, 2001</strong>
 &nbsp; <i>All architectures</i><br>  &nbsp; <i>All architectures</i><br>
 Merge <a href="https://man.openbsd.org/OpenBSD-2.8/named.8">named</a>  Merge <a href="https://man.openbsd.org/OpenBSD-2.8/named.8">named</a>
 with ISC BIND 4.9.8-REL, which fixes some buffer vulnerabilities (actually it appears  with ISC BIND 4.9.8-REL, which fixes some buffer vulnerabilities (actually it appears
Line 234 
Line 232 
 A source code patch exists which remedies this problem.</a>  A source code patch exists which remedies this problem.</a>
 <p>  <p>
 <li id="rnd">  <li id="rnd">
 <font color="#009000"><strong>017: SECURITY FIX: Jan 22, 2001</strong></font>  <strong>017: SECURITY FIX: Jan 22, 2001</strong>
 &nbsp; <i>All architectures</i><br>  &nbsp; <i>All architectures</i><br>
 The <a href="https://man.openbsd.org/OpenBSD-2.8/random.4">rnd(4)</a> device does not use all of its input when data is written to it.<br>  The <a href="https://man.openbsd.org/OpenBSD-2.8/random.4">rnd(4)</a> device does not use all of its input when data is written to it.<br>
 <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/2.8/common/017_rnd.patch">  <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/2.8/common/017_rnd.patch">
 A source code patch exists which remedies this problem.</a>  A source code patch exists which remedies this problem.</a>
 <p>  <p>
 <li id="tl">  <li id="tl">
 <font color="#009000"><strong>016: RELIABILITY FIX: Jan 4, 2001</strong></font>  <strong>016: RELIABILITY FIX: Jan 4, 2001</strong>
 &nbsp; <i>All architectures</i><br>  &nbsp; <i>All architectures</i><br>
 Allow ThunderLAN cards to share interrupts nicely.<br>  Allow ThunderLAN cards to share interrupts nicely.<br>
 <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/2.8/common/016_tl.patch">  <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/2.8/common/016_tl.patch">
 A source code patch exists which remedies this problem.</a>  A source code patch exists which remedies this problem.</a>
 <p>  <p>
 <li id="pms">  <li id="pms">
 <font color="#009000"><strong>015: STABILITY FIX: Dec 22, 2000</strong></font><br>  <strong>015: STABILITY FIX: Dec 22, 2000</strong><br>
 Some machines locked up while trying to use the mouse in console mode. This patch solves that problem.<br>  Some machines locked up while trying to use the mouse in console mode. This patch solves that problem.<br>
 <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/2.8/i386/015_pms.patch">  <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/2.8/i386/015_pms.patch">
 A source code patch exists which remedies this problem.</a>  A source code patch exists which remedies this problem.</a>
 <p>  <p>
 <li id="xlock">  <li id="xlock">
 <font color="#009000"><strong>014: SECURITY FIX: Dec 22, 2000</strong></font>  <strong>014: SECURITY FIX: Dec 22, 2000</strong>
 &nbsp; <i>All architectures</i><br>  &nbsp; <i>All architectures</i><br>
 Improve xlock(1)'s authentication by authenticating via a pipe in an early forked process. No known vulnerability exists, this is just a precautionary patch.<br>  Improve xlock(1)'s authentication by authenticating via a pipe in an early forked process. No known vulnerability exists, this is just a precautionary patch.<br>
 <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/2.8/common/014_xlock.patch">  <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/2.8/common/014_xlock.patch">
Line 274 
Line 272 
 </ul>  </ul>
 <p>  <p>
 <li id="procfs">  <li id="procfs">
 <font color="#009000"><strong>013: SECURITY FIX: Dec 18, 2000</strong></font>  <strong>013: SECURITY FIX: Dec 18, 2000</strong>
 &nbsp; <i>All architectures</i><br>  &nbsp; <i>All architectures</i><br>
 <a href="https://man.openbsd.org/OpenBSD-2.8/mount_procfs.8">Procfs</a> contained numerous overflows, which could lead an intruder to root permissions. Procfs is NOT enabled by default in OpenBSD. <br>  <a href="https://man.openbsd.org/OpenBSD-2.8/mount_procfs.8">Procfs</a> contained numerous overflows, which could lead an intruder to root permissions. Procfs is NOT enabled by default in OpenBSD. <br>
 <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/2.8/common/013_procfs.patch">  <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/2.8/common/013_procfs.patch">
 A source code patch exists which remedies this problem.</a>  A source code patch exists which remedies this problem.</a>
 <p>  <p>
 <li id="imacdv">  <li id="imacdv">
 <font color="#009000"><strong>012: INSTALL PROBLEM: Dec 14, 2000</strong></font><br>  <strong>012: INSTALL PROBLEM: Dec 14, 2000</strong><br>
 The IMac DV+ (and probably some other machines) incorrectly identify their video  The IMac DV+ (and probably some other machines) incorrectly identify their video
 hardware, but it is possible to work around the problem.<br>  hardware, but it is possible to work around the problem.<br>
 <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/2.8/powerpc/012_imacdv.patch">  <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/2.8/powerpc/012_imacdv.patch">
 A source code patch exists which remedies this problem.</a>  A source code patch exists which remedies this problem.</a>
 <p>  <p>
 <li id="hwcrypto">  <li id="hwcrypto">
 <font color="#009000"><strong>011: RELIABILITY FIX: Dec 13, 2000</strong></font>  <strong>011: RELIABILITY FIX: Dec 13, 2000</strong>
 &nbsp; <i>All architectures</i><br>  &nbsp; <i>All architectures</i><br>
 The crypto subsystem could incorrectly fail to run certain software ciphers,  The crypto subsystem could incorrectly fail to run certain software ciphers,
 if a hardware card existed in the machine.<br>  if a hardware card existed in the machine.<br>
Line 296 
Line 294 
 A source code patch exists which remedies this problem.</a>  A source code patch exists which remedies this problem.</a>
 <p>  <p>
 <li id="fastroute">  <li id="fastroute">
 <font color="#009000"><strong>010: RELIABILITY FIX: Dec 11, 2000</strong></font>  <strong>010: RELIABILITY FIX: Dec 11, 2000</strong>
 &nbsp; <i>All architectures</i><br>  &nbsp; <i>All architectures</i><br>
 A crash could occur during fast routing, if IPSEC was enabled.<br>  A crash could occur during fast routing, if IPSEC was enabled.<br>
 <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/2.8/common/010_fastroute.patch">  <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/2.8/common/010_fastroute.patch">
 A source code patch exists which remedies this problem.</a>  A source code patch exists which remedies this problem.</a>
 <p>  <p>
 <li id="kerberos2">  <li id="kerberos2">
 <font color="#009000"><strong>009: SECURITY FIX: Dec 10, 2000</strong></font>  <strong>009: SECURITY FIX: Dec 10, 2000</strong>
 &nbsp; <i>All architectures</i><br>  &nbsp; <i>All architectures</i><br>
 Another problem exists in the Kerberos libraries.<br>  Another problem exists in the Kerberos libraries.<br>
 <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/2.8/common/009_kerberos2.patch">  <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/2.8/common/009_kerberos2.patch">
 A source code patch exists which remedies this problem.</a>  A source code patch exists which remedies this problem.</a>
 <p>  <p>
 <li id="kerberos">  <li id="kerberos">
 <font color="#009000"><strong>008: SECURITY FIX: Dec 7, 2000</strong></font>  <strong>008: SECURITY FIX: Dec 7, 2000</strong>
 &nbsp; <i>All architectures</i><br>  &nbsp; <i>All architectures</i><br>
 Two problems have recently been discovered in the KerberosIV code.<p>  Two problems have recently been discovered in the KerberosIV code.<p>
 1. A symlink problem was discovered in the KerberosIV password checking  1. A symlink problem was discovered in the KerberosIV password checking
Line 326 
Line 324 
 A source code patch exists which remedies this problem.</a>  A source code patch exists which remedies this problem.</a>
 <p>  <p>
 <li id="x_sun3">  <li id="x_sun3">
 <font color="#009000"><strong>007: INSTALL PROBLEM: Dec 4, 2000</strong></font><br>  <strong>007: INSTALL PROBLEM: Dec 4, 2000</strong><br>
 The X packages  The X packages
 <a href="https://ftp.openbsd.org/pub/OpenBSD/2.8/sun3/xshare28.tgz">share28.tgz</a>  <a href="https://ftp.openbsd.org/pub/OpenBSD/2.8/sun3/xshare28.tgz">share28.tgz</a>
 and  and
Line 339 
Line 337 
 </pre>  </pre>
 <p>  <p>
 <li id="pcibios">  <li id="pcibios">
 <font color="#009000"><strong>006: STABILITY FIX: Dec 4, 2000</strong></font><br>  <strong>006: STABILITY FIX: Dec 4, 2000</strong><br>
 On some machines, a PCIBIOS device driver interrupt allocation bug can cause a  On some machines, a PCIBIOS device driver interrupt allocation bug can cause a
 kernel hang while probing PCI devices.  If you have this symptom, you can disable  kernel hang while probing PCI devices.  If you have this symptom, you can disable
 PCIBIOS as a workaround.  To do this,  PCIBIOS as a workaround.  To do this,
Line 357 
Line 355 
     </ul>      </ul>
 <p>  <p>
 <li id="ftpd">  <li id="ftpd">
 <font color="#009000"><strong>005: SECURITY FIX: Dec 4, 2000</strong></font>  <strong>005: SECURITY FIX: Dec 4, 2000</strong>
 &nbsp; <i>All architectures</i><br>  &nbsp; <i>All architectures</i><br>
 OpenBSD 2.8's ftpd contains a one-byte overflow in the replydirname() function.<br>  OpenBSD 2.8's ftpd contains a one-byte overflow in the replydirname() function.<br>
 <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/2.8/common/005_ftpd.patch">  <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/2.8/common/005_ftpd.patch">
Line 365 
Line 363 
 You can view the <a href="advisories/ftpd_replydirname.txt">OpenBSD Advisory</a> here.  You can view the <a href="advisories/ftpd_replydirname.txt">OpenBSD Advisory</a> here.
 <p>  <p>
 <li id="rijndael">  <li id="rijndael">
 <font color="#009000"><strong>004: RELIABILITY FIX: Nov 17, 2000</strong></font>  <strong>004: RELIABILITY FIX: Nov 17, 2000</strong>
 &nbsp; <i>All architectures</i><br>  &nbsp; <i>All architectures</i><br>
 First off, AES (Rijndael) encryption and decryption were broken for IPsec  First off, AES (Rijndael) encryption and decryption were broken for IPsec
 and swap encryption.<br>  and swap encryption.<br>
Line 375 
Line 373 
 This is the second revision of the patch.  This is the second revision of the patch.
 <p>  <p>
 <li id="qe">  <li id="qe">
 <font color="#009000"><strong>003: RELIABILITY FIX: Nov 17, 2000</strong></font><br>  <strong>003: RELIABILITY FIX: Nov 17, 2000</strong><br>
 Configuring a qec+qe causes a NMI panic.<br>  Configuring a qec+qe causes a NMI panic.<br>
 <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/2.8/sparc/003_qe.patch">  <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/2.8/sparc/003_qe.patch">
 A source code patch exists which remedies this problem.</a>  A source code patch exists which remedies this problem.</a>
 <p>  <p>
 <li id="skey">  <li id="skey">
 <font color="#009000"><strong>002: IMPLEMENTATION FIX: Nov 10, 2000</strong></font>  <strong>002: IMPLEMENTATION FIX: Nov 10, 2000</strong>
 &nbsp; <i>All architectures</i><br>  &nbsp; <i>All architectures</i><br>
 In ssh(1), skey support for SSH1 protocol was broken.  Some people might consider  In ssh(1), skey support for SSH1 protocol was broken.  Some people might consider
 that kind of important.<br>  that kind of important.<br>
Line 389 
Line 387 
 A source code patch exists which remedies this problem.</a>  A source code patch exists which remedies this problem.</a>
 <p>  <p>
 <li id="zsconsole">  <li id="zsconsole">
 <font color="#009000"><strong>001: RELIABILITY FIX: Nov 10, 2000</strong></font><br>  <strong>001: RELIABILITY FIX: Nov 10, 2000</strong><br>
 When running a sparc with a serial console, certain types of interrupts would  When running a sparc with a serial console, certain types of interrupts would
 cause great grief.<br>  cause great grief.<br>
 <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/2.8/sparc/001_zsconsole.patch">  <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/2.8/sparc/001_zsconsole.patch">
Line 399 
Line 397 
 </ul>  </ul>
   
 <hr>  <hr>
   
 </body>  
 </html>  

Legend:
Removed from v.1.93  
changed lines
  Added in v.1.94