=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/errata29.html,v retrieving revision 1.65 retrieving revision 1.66 diff -u -r1.65 -r1.66 --- www/errata29.html 2014/03/28 03:04:30 1.65 +++ www/errata29.html 2014/03/31 03:12:47 1.66 @@ -6,7 +6,6 @@ - @@ -64,13 +63,16 @@ You can also fetch a tar.gz file containing all the following patches. This file is updated once a day. +

-

The patches below are available in CVS via the +The patches below are available in CVS via the OPENBSD_2_9 patch branch. -

+ For more detailed information on how to install patches to OpenBSD, please -consult the OpenBSD FAQ. +consult the OpenBSD FAQ. +

+

@@ -79,19 +81,22 @@
  • 027: SECURITY FIX: June 25, 2002
    A potential buffer overflow in the DNS resolver has been found.
    -A source code patch exists which remedies the problem. + +A source code patch exists which remedies this problem.

  • 026: SECURITY FIX: May 8, 2002
    A race condition exists where an attacker could fill the file descriptor table and defeat the kernel's protection of fd slots 0, 1, and 2 for a setuid or setgid process.
    -A source code patch exists which remedies the problem. + +A source code patch exists which remedies this problem.

  • 025: SECURITY FIX: April 25, 2002
    A bug in sudo(8) may allow an attacker to corrupt the heap by specifying a custom prompt.
    -A source code patch exists which remedies the problem. + +A source code patch exists which remedies this problem.

  • 024: SECURITY FIX: April 22, 2002
    @@ -101,7 +106,8 @@ KerberosTgtPassing or AFSTokenPassing has been enabled in the sshd_config file. Ticket and token passing is not enabled by default.
    -A source code patch exists which remedies the problem. + +A source code patch exists which remedies this problem.

  • 023: SECURITY FIX: April 11, 2002
    @@ -109,7 +115,8 @@ will process tilde escapes even in non-interactive mode. This can lead to a local root compromise.
    -A source code patch exists which remedies the problem. + +A source code patch exists which remedies this problem.

  • 022: RELIABILITY FIX: March 13, 2002
    @@ -119,22 +126,24 @@ function detects this. There is also a kernel zlib component that may be used by pppd and IPsec. The feasibility of attacking the kernel this way is currently unknown.
    -A source code patch exists which remedies the problem. + +A source code patch exists which remedies this problem.

  • 021: SECURITY FIX: March 8, 2002
    A local user can gain super-user privileges due to an off-by-one check in the channel forwarding code of OpenSSH.
    -A source code patch exists which remedies the problem. + +A source code patch exists which remedies this problem.

  • 020: SECURITY FIX: February 20, 2002
    A race condition between the ptrace(2) and execve(2) system calls allows an attacker to modify the memory contents of suid/sgid processes which could lead to compromise of the super-user account.
    -A source code patch exists which remedies the problem. + +A source code patch exists which remedies this problem.

  • 019: SECURITY FIX: January 17, 2002
    @@ -146,8 +155,8 @@ ships with OpenBSD) is the mailer. As of version 1.6.5, sudo passes the mailer an environment that is not subject to influence from the invoking user.
    -A -source code patch exists which remedies the problem. + +A source code patch exists which remedies this problem.

  • 017: SECURITY FIX: November 28, 2001
    @@ -157,14 +166,16 @@ /etc/hosts.equiv) may be used to mount an attack and the attacker must have root access on the machine. OpenBSD does not start lpd in the default installation. -A source code patch exists which remedies the problem. + +A source code patch exists which remedies this problem.

  • 016: SECURITY FIX: November 13, 2001
    A security issue exists in the vi.recover script that may allow an attacker to remove arbitrary zero-length files, regardless of ownership.
    -A source code patch exists which remedies the problem. + +A source code patch exists which remedies this problem.

  • 015: SECURITY FIX: September 11, 2001
    @@ -176,7 +187,8 @@ some UUCP commands are run as root (and daemon) from cron it is possible to leverage compromise of the UUCP user to gain root.
    -A source code patch exists which remedies the problem. + +A source code patch exists which remedies this problem.

  • 014: SECURITY FIX: August 29, 2001
    @@ -187,7 +199,8 @@ access (ie: listed in either /etc/hosts.lpd or /etc/hosts.equiv) may be used to mount an attack.
    -A source code patch exists which remedies the problem. + +A source code patch exists which remedies this problem.

  • 013: SECURITY FIX: August 21, 2001
    @@ -195,7 +208,8 @@ that may allow an attacker on the local host to gain root privileges by specifying out-of-bounds debug parameters.
    -A source code patch exists which remedies the problem. + +A source code patch exists which remedies this problem.

  • 012: SECURITY FIX: July 30, 2001
    @@ -205,7 +219,8 @@ privileges can initiate this attack. In default installs, only super-user has mount privileges. The kern.usermount sysctl(3) controls whether other users have mount privileges.
    -A source code patch exists which remedies the problem. + +A source code patch exists which remedies this problem.

  • 011: RELIABILITY FIX: July 15, 2001 @@ -216,7 +231,8 @@ packages-specs(7) for details).
    -A source code patch exists which remedies the problem, + +A source code patch exists which remedies this problem. by forcing /usr/sbin/pkg to be more careful in checking version numbers.

    @@ -230,14 +246,16 @@ and dump(8).
    -A source code patch exists which remedies the problem. + +A source code patch exists which remedies this problem. This is the second version of the patch.

  • 007: SECURITY FIX: June 15, 2001
    A race condition exists in the kernel execve(2) implementation that opens a small window of vulnerability for a non-privileged user to ptrace(2) attach to a suid/sgid process.
    -A source code patch exists which remedies the problem. + +A source code patch exists which remedies this problem.

  • 006: SECURITY FIX: June 12, 2001
    @@ -245,14 +263,16 @@ allows users to delete arbitrary files named "cookies" if X11 forwarding is enabled. X11 forwarding is disabled by default.
    -A source code patch exists which remedies the problem. + +A source code patch exists which remedies this problem.

  • 005: RELIABILITY FIX: June 7, 2001
    pwd_mkdb(8) corrupts /etc/pwd.db when modifying an existing user.
    -A source code patch exists which remedies the problem. + +A source code patch exists which remedies this problem.

  • 004: RELIABILITY FIX: June 5, 2001
    @@ -260,7 +280,8 @@ will fail to use a certificate with an identity string that is exactly N * 8 bytes long.
    -A source code patch exists which remedies the problem. + +A source code patch exists which remedies this problem.

  • 003: DOCUMENTATION FIX: June 1, 2001
    @@ -278,7 +299,8 @@ the old fts bug but happens when popping out of directories, as opposed to descending into them.
    -A source code patch exists which remedies the problem. + +A source code patch exists which remedies this problem. This is the second version of the patch.

  • @@ -287,7 +309,8 @@ context of a signal handler. This leads to potentially serious race conditions. At the moment this is a theoretical attack only and can only be exploited on the local host (if at all).
    -A source code patch exists which remedies the problem by updating sendmail to version 8.11.4. + +A source code patch exists which remedies this problem.

    @@ -299,12 +322,11 @@ The NVIDIA driver for XFree86 4.0.3 is incorrectly restoring the text mode palette upon exit of the X server. -A source code patch exists which remedies the problem. +A source code patch exists which remedies this problem. To avoid rebuilding the whole XFree86 tree, an updated binary driver is also available -here -. Just grab it, copy it to /usr/X11R6/lib/modules/drivers/ and +here. +Just grab it, copy it to /usr/X11R6/lib/modules/drivers/ and restart your X server.

  • @@ -313,8 +335,8 @@ The XF86Setup(1) configuration tool for XFree86 3.3.6 is producing corrupted /etc/XF86Config files. -A source code patch exists which remedies the problem by linking -XF86Setup against the XFree86 3.3.6 version of libXxf86vm.a. +A source code patch exists which remedies this problem. +It does so by linking XF86Setup against the XFree86 3.3.6 version of libXxf86vm.a.

  • When using a PS/2 keyboard with an MSI K7T Pro2A motherboard, it may be necessary to disable the "USB Keyboard Support" and @@ -322,12 +344,6 @@ keyboard controller doesn't acknowledge commands, confusing OpenBSD.

    - -

    alpha

    - -

    mac68k

    - -

    sparc

    - -

    - -

    amiga

    - -

    - -

    pmax

    - -

    - -

    hp300

    - -

    - -

    mvme68k

    - -

    - -

    powerpc

    - -

    - -

    vax

    - -

    - -

    sun3

    -