=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/errata28.html,v retrieving revision 1.69 retrieving revision 1.70 diff -c -r1.69 -r1.70 *** www/errata28.html 2014/10/02 14:34:45 1.69 --- www/errata28.html 2015/02/14 04:36:51 1.70 *************** *** 81,87 ****

033: SECURITY FIX: September 11, 2001 All architectures
A security hole exists in uuxqt(8) --- 81,87 ----
- 033: SECURITY FIX: September 11, 2001 All architectures
  A security hole exists in uuxqt(8) *************** *** 95,101 **** A source code patch exists which remedies this problem.
  !
- 032: SECURITY FIX: August 29, 2001 All architectures
  A security hole exists in lpd(8) --- 95,101 ---- A source code patch exists which remedies this problem.
  !
- 032: SECURITY FIX: August 29, 2001 All architectures
  A security hole exists in lpd(8) *************** *** 108,114 **** A source code patch exists which remedies this problem.
  !
- 031: SECURITY FIX: August 21, 2001 All architectures
  A security hole exists in sendmail(8) --- 108,114 ---- A source code patch exists which remedies this problem.
  !
- 031: SECURITY FIX: August 21, 2001 All architectures
  A security hole exists in sendmail(8) *************** *** 118,124 **** A source code patch exists which remedies this problem.
  !
- 030: SECURITY FIX: June 15, 2001 All architectures
  A race condition exists in the kernel execve(2) implementation that opens a small window of vulnerability for a non-privileged user to ptrace(2) attach to a suid/sgid process. --- 118,124 ---- A source code patch exists which remedies this problem.
  !
- 030: SECURITY FIX: June 15, 2001 All architectures
  A race condition exists in the kernel execve(2) implementation that opens a small window of vulnerability for a non-privileged user to ptrace(2) attach to a suid/sgid process. *************** *** 126,132 **** A source code patch exists which remedies this problem.
  !
- 029: SECURITY FIX: May 30, 2001 All architectures
  Programs using the fts(3) --- 126,132 ---- A source code patch exists which remedies this problem.
  !
- 029: SECURITY FIX: May 30, 2001 All architectures
  Programs using the fts(3) *************** *** 139,145 **** A source code patch exists which remedies this problem. This is the second version of the patch.
  !
- 028: SECURITY FIX: May 29, 2001 All architectures
  The signal handlers in 028: SECURITY FIX: May 29, 2001 All architectures
  The signal handlers in 027: SECURITY FIX: Apr 23, 2001 All architectures
  IPF has a serious problem with fragment caching, the bug is triggered if you use the ipf(5) syntax "keep state".
  A source code patch exists which remedies this problem.
  !
- 026: SECURITY FIX: Apr 23, 2001 All architectures
  ftpd(8) has a potential DoS related to glob(3). This patch introduces a GLOB_LIMIT, eliminating the DoS. You must have 025_glob.patch installed before installing this patch.
  A source code patch exists which remedies this problem.
  !
- 025: SECURITY FIX: Apr 10, 2001 All architectures
  glob(3) contains multiple buffer overflows.
  A source code patch exists which remedies this problem.
  !
- 024: SECURITY FIX: Mar 18, 2001 All architectures
  The readline library shipped with OpenBSD allows history files creation --- 151,178 ---- A source code patch exists which remedies this problem. It updates sendmail to version 8.11.4.
  !
- 027: SECURITY FIX: Apr 23, 2001 All architectures
  IPF has a serious problem with fragment caching, the bug is triggered if you use the ipf(5) syntax "keep state".
  A source code patch exists which remedies this problem.
  !
- 026: SECURITY FIX: Apr 23, 2001 All architectures
  ftpd(8) has a potential DoS related to glob(3). This patch introduces a GLOB_LIMIT, eliminating the DoS. You must have 025_glob.patch installed before installing this patch.
  A source code patch exists which remedies this problem.
  !
- 025: SECURITY FIX: Apr 10, 2001 All architectures
  glob(3) contains multiple buffer overflows.
  A source code patch exists which remedies this problem.
  !
- 024: SECURITY FIX: Mar 18, 2001 All architectures
  The readline library shipped with OpenBSD allows history files creation *************** *** 184,203 **** A source code patch exists which remedies this problem.
  !
- 023: SECURITY FIX: Mar 2, 2001 All architectures
  Insufficient checks in the IPSEC AH IPv4 option handling code can lead to a buffer overrun leading to a remote DoS. This option is not on by default.
  A source code patch exists which remedies this problem.
  !
- 022: SECURITY FIX: Mar 2, 2001
  The USER_LDT kernel option allows an attacker to gain access to privileged areas of kernel memory. This option is not on by default. A source code patch exists which remedies this problem.
  !
- 021: SECURITY FIX: Feb 22, 2001 All architectures
  There is an exploitable heap corruption bug in --- 184,203 ---- A source code patch exists which remedies this problem.
  !
- 023: SECURITY FIX: Mar 2, 2001 All architectures
  Insufficient checks in the IPSEC AH IPv4 option handling code can lead to a buffer overrun leading to a remote DoS. This option is not on by default.
  A source code patch exists which remedies this problem.
  !
- 022: SECURITY FIX: Mar 2, 2001
  The USER_LDT kernel option allows an attacker to gain access to privileged areas of kernel memory. This option is not on by default. A source code patch exists which remedies this problem.
  !
- 021: SECURITY FIX: Feb 22, 2001 All architectures
  There is an exploitable heap corruption bug in *************** *** 206,226 **** A source code patch exists which remedies this problem.
  !
- 020: IMPLEMENTATION FIX: Feb 15, 2001 All architectures
  Client side ident protocol was broken in libwrap, affecting anything using libwrap including tcpd. The effect of this was that libwrap would never retrieve and log ident values from remote hosts on connections.
  A source code patch exists which remedies this problem.
  !
- 019: IMPLEMENTATION FIX: Jan 31, 2001 All architectures
  Fix memory allocation in the PCI LANCE driver, le. A side effect of this is that OpenBSD under VMWare now works again.
  A source code patch exists which remedies this problem.
  !
- 018: SECURITY FIX: Jan 29, 2001 All architectures
  Merge named --- 206,226 ---- A source code patch exists which remedies this problem.
  !
- 020: IMPLEMENTATION FIX: Feb 15, 2001 All architectures
  Client side ident protocol was broken in libwrap, affecting anything using libwrap including tcpd. The effect of this was that libwrap would never retrieve and log ident values from remote hosts on connections.
  A source code patch exists which remedies this problem.
  !
- 019: IMPLEMENTATION FIX: Jan 31, 2001 All architectures
  Fix memory allocation in the PCI LANCE driver, le. A side effect of this is that OpenBSD under VMWare now works again.
  A source code patch exists which remedies this problem.
  !
- 018: SECURITY FIX: Jan 29, 2001 All architectures
  Merge named *************** *** 229,255 **** A source code patch exists which remedies this problem.
  !
- 017: SECURITY FIX: Jan 22, 2001 All architectures
  The rnd(4) device does not use all of its input when data is written to it.
  A source code patch exists which remedies this problem.
  !
- 016: RELIABILITY FIX: Jan 4, 2001 All architectures
  Allow ThunderLAN cards to share interrupts nicely.
  A source code patch exists which remedies this problem.
  !
- 015: STABILITY FIX: Dec 22, 2000
  Some machines locked up while trying to use the mouse in console mode. This patch solves that problem.
  A source code patch exists which remedies this problem.
  !
- 014: SECURITY FIX: Dec 22, 2000 All architectures
  Improve xlock(1)'s authentication by authenticating via a pipe in an early forked process. No known vulnerability exists, this is just a precautionary patch.
  --- 229,255 ---- A source code patch exists which remedies this problem.
  !
- 017: SECURITY FIX: Jan 22, 2001 All architectures
  The rnd(4) device does not use all of its input when data is written to it.
  A source code patch exists which remedies this problem.
  !
- 016: RELIABILITY FIX: Jan 4, 2001 All architectures
  Allow ThunderLAN cards to share interrupts nicely.
  A source code patch exists which remedies this problem.
  !
- 015: STABILITY FIX: Dec 22, 2000
  Some machines locked up while trying to use the mouse in console mode. This patch solves that problem.
  A source code patch exists which remedies this problem.
  !
- 014: SECURITY FIX: Dec 22, 2000 All architectures
  Improve xlock(1)'s authentication by authenticating via a pipe in an early forked process. No known vulnerability exists, this is just a precautionary patch.
  *************** *** 269,289 ****
- Xlock - mvme68k
!
013: SECURITY FIX: Dec 18, 2000 All architectures
Procfs contained numerous overflows, which could lead an intruder to root permissions. Procfs is NOT enabled by default in OpenBSD.
A source code patch exists which remedies this problem.
!
012: INSTALL PROBLEM: Dec 14, 2000
The IMac DV+ (and probably some other machines) incorrectly identify their video hardware, but it is possible to work around the problem.
A source code patch exists which remedies this problem.
!
011: RELIABILITY FIX: Dec 13, 2000 All architectures
The crypto subsystem could incorrectly fail to run certain software ciphers, --- 269,289 ----
Xlock - mvme68k

013: SECURITY FIX: Dec 18, 2000 All architectures
Procfs contained numerous overflows, which could lead an intruder to root permissions. Procfs is NOT enabled by default in OpenBSD.
A source code patch exists which remedies this problem.

012: INSTALL PROBLEM: Dec 14, 2000
The IMac DV+ (and probably some other machines) incorrectly identify their video hardware, but it is possible to work around the problem.
A source code patch exists which remedies this problem.

011: RELIABILITY FIX: Dec 13, 2000 All architectures
The crypto subsystem could incorrectly fail to run certain software ciphers, *************** *** 291,311 **** A source code patch exists which remedies this problem.

010: RELIABILITY FIX: Dec 11, 2000 All architectures
A crash could occur during fast routing, if IPSEC was enabled.
A source code patch exists which remedies this problem.

009: SECURITY FIX: Dec 10, 2000 All architectures
Another problem exists in the Kerberos libraries.
A source code patch exists which remedies this problem.

008: SECURITY FIX: Dec 7, 2000 All architectures
Two problems have recently been discovered in the KerberosIV code.

--- 291,311 ---- A source code patch exists which remedies this problem.

010: RELIABILITY FIX: Dec 11, 2000 All architectures
A crash could occur during fast routing, if IPSEC was enabled.
A source code patch exists which remedies this problem.

009: SECURITY FIX: Dec 10, 2000 All architectures
Another problem exists in the Kerberos libraries.
A source code patch exists which remedies this problem.

008: SECURITY FIX: Dec 7, 2000 All architectures
Two problems have recently been discovered in the KerberosIV code.

*************** *** 321,327 **** A source code patch exists which remedies this problem.

007: INSTALL PROBLEM: Dec 4, 2000
The X packages share28.tgz --- 321,327 ---- A source code patch exists which remedies this problem.

007: INSTALL PROBLEM: Dec 4, 2000
The X packages share28.tgz *************** *** 334,340 **** # cd /; tar xvfpz xfont28.tgz

006: STABILITY FIX: Dec 4, 2000
On some machines, a PCIBIOS device driver interrupt allocation bug can cause a kernel hang while probing PCI devices. If you have this symptom, you can disable --- 334,340 ---- # cd /; tar xvfpz xfont28.tgz

005: SECURITY FIX: Dec 4, 2000 All architectures
OpenBSD 2.8's ftpd contains a one-byte overflow in the replydirname() function.
--- 351,357 ---- permanently.

005: SECURITY FIX: Dec 4, 2000 All architectures
OpenBSD 2.8's ftpd contains a one-byte overflow in the replydirname() function.
*************** *** 359,365 **** A source code patch exists which remedies this problem. You can view the OpenBSD Advisory here.

004: RELIABILITY FIX: Nov 17, 2000 All architectures
First off, AES (Rijndael) encryption and decryption were broken for IPsec --- 359,365 ---- A source code patch exists which remedies this problem. You can view the OpenBSD Advisory here.

004: RELIABILITY FIX: Nov 17, 2000 All architectures
First off, AES (Rijndael) encryption and decryption were broken for IPsec *************** *** 369,381 **** A source code patch exists which remedies this problem. This is the second revision of the patch.

003: RELIABILITY FIX: Nov 17, 2000
Configuring a qec+qe causes a NMI panic.
A source code patch exists which remedies this problem.

002: IMPLEMENTATION FIX: Nov 10, 2000 All architectures
In ssh(1), skey support for SSH1 protocol was broken. Some people might consider --- 369,381 ---- A source code patch exists which remedies this problem. This is the second revision of the patch.

003: RELIABILITY FIX: Nov 17, 2000
Configuring a qec+qe causes a NMI panic.
A source code patch exists which remedies this problem.

002: IMPLEMENTATION FIX: Nov 10, 2000 All architectures
In ssh(1), skey support for SSH1 protocol was broken. Some people might consider *************** *** 383,389 **** A source code patch exists which remedies this problem.

001: RELIABILITY FIX: Nov 10, 2000
When running a sparc with a serial console, certain types of interrupts would cause great grief.
--- 383,389 ---- A source code patch exists which remedies this problem.

001: RELIABILITY FIX: Nov 10, 2000
When running a sparc with a serial console, certain types of interrupts would cause great grief.