=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/errata29.html,v retrieving revision 1.54 retrieving revision 1.55 diff -u -r1.54 -r1.55 --- www/errata29.html 2010/03/08 21:53:37 1.54 +++ www/errata29.html 2010/07/08 19:00:07 1.55 @@ -53,7 +53,7 @@
- + You can also fetch a tar.gz file containing all the following patches. This file is updated once a day. @@ -71,19 +71,19 @@
  • 027: SECURITY FIX: June 25, 2002
    A potential buffer overflow in the DNS resolver has been found.
    -A source code patch exists which remedies the problem. +A source code patch exists which remedies the problem.

  • 026: SECURITY FIX: May 8, 2002
    A race condition exists where an attacker could fill the file descriptor table and defeat the kernel's protection of fd slots 0, 1, and 2 for a setuid or setgid process.
    -A source code patch exists which remedies the problem. +A source code patch exists which remedies the problem.

  • 025: SECURITY FIX: April 25, 2002
    A bug in sudo(8) may allow an attacker to corrupt the heap by specifying a custom prompt.
    -A source code patch exists which remedies the problem. +A source code patch exists which remedies the problem.

  • 024: SECURITY FIX: April 22, 2002
    @@ -93,7 +93,7 @@ KerberosTgtPassing or AFSTokenPassing has been enabled in the sshd_config file. Ticket and token passing is not enabled by default.
    -A source code patch exists which remedies the problem. +A source code patch exists which remedies the problem.

  • 023: SECURITY FIX: April 11, 2002
    @@ -101,7 +101,7 @@ will process tilde escapes even in non-interactive mode. This can lead to a local root compromise.
    -A source code patch exists which remedies the problem. +A source code patch exists which remedies the problem.

  • 022: RELIABILITY FIX: March 13, 2002
    @@ -111,14 +111,14 @@ function detects this. There is also a kernel zlib component that may be used by pppd and IPsec. The feasibility of attacking the kernel this way is currently unknown.
    -A source code patch exists which remedies the problem. +A source code patch exists which remedies the problem.

  • 021: SECURITY FIX: March 8, 2002
    A local user can gain super-user privileges due to an off-by-one check in the channel forwarding code of OpenSSH.
    -A source code patch exists which remedies the problem.

  • @@ -126,7 +126,7 @@ A race condition between the ptrace(2) and execve(2) system calls allows an attacker to modify the memory contents of suid/sgid processes which could lead to compromise of the super-user account.
    -A source code patch exists which remedies the problem. +A source code patch exists which remedies the problem.

  • 019: SECURITY FIX: January 17, 2002
    @@ -138,7 +138,7 @@ ships with OpenBSD) is the mailer. As of version 1.6.5, sudo passes the mailer an environment that is not subject to influence from the invoking user.
    -A +A source code patch exists which remedies the problem.

  • @@ -149,14 +149,14 @@ /etc/hosts.equiv) may be used to mount an attack and the attacker must have root access on the machine. OpenBSD does not start lpd in the default installation. -A source code patch exists which remedies the problem. +A source code patch exists which remedies the problem.

  • 016: SECURITY FIX: November 13, 2001
    A security issue exists in the vi.recover script that may allow an attacker to remove arbitrary zero-length files, regardless of ownership.
    -A source code patch exists which remedies the problem. +A source code patch exists which remedies the problem.

  • 015: SECURITY FIX: September 11, 2001
    @@ -168,7 +168,7 @@ some UUCP commands are run as root (and daemon) from cron it is possible to leverage compromise of the UUCP user to gain root.
    -A source code patch exists which remedies the problem. +A source code patch exists which remedies the problem.

  • 014: SECURITY FIX: August 29, 2001
    @@ -179,7 +179,7 @@ access (ie: listed in either /etc/hosts.lpd or /etc/hosts.equiv) may be used to mount an attack.
    -A source code patch exists which remedies the problem. +A source code patch exists which remedies the problem.

  • 013: SECURITY FIX: August 21, 2001
    @@ -187,7 +187,7 @@ that may allow an attacker on the local host to gain root privileges by specifying out-of-bounds debug parameters.
    -A source code patch exists which remedies the problem. +A source code patch exists which remedies the problem.

  • 012: SECURITY FIX: July 30, 2001
    @@ -197,7 +197,7 @@ privileges can initiate this attack. In default installs, only super-user has mount privileges. The kern.usermount sysctl(3) controls whether other users have mount privileges.
    -A source code patch exists which remedies the problem. +A source code patch exists which remedies the problem.

  • 011: RELIABILITY FIX: July 15, 2001 @@ -208,7 +208,7 @@ packages-specs(7) for details).
    -A source code patch exists which remedies the problem, +A source code patch exists which remedies the problem, by forcing /usr/sbin/pkg to be more careful in checking version numbers.

    @@ -222,14 +222,14 @@ and dump(8).
    -A source code patch exists which remedies the problem. +A source code patch exists which remedies the problem. This is the second version of the patch.

  • 007: SECURITY FIX: June 15, 2001
    A race condition exists in the kernel execve(2) implementation that opens a small window of vulnerability for a non-privileged user to ptrace(2) attach to a suid/sgid process.
    -A source code patch exists which remedies the problem. +A source code patch exists which remedies the problem.

  • 006: SECURITY FIX: June 12, 2001
    @@ -237,14 +237,14 @@ allows users to delete arbitrary files named "cookies" if X11 forwarding is enabled. X11 forwarding is disabled by default.
    -A source code patch exists which remedies the problem. +A source code patch exists which remedies the problem.

  • 005: RELIABILITY FIX: June 7, 2001
    pwd_mkdb(8) corrupts /etc/pwd.db when modifying an existing user.
    -A source code patch exists which remedies the problem. +A source code patch exists which remedies the problem.

  • 004: RELIABILITY FIX: June 5, 2001
    @@ -252,7 +252,7 @@ will fail to use a certificate with an identity string that is exactly N * 8 bytes long.
    -A source code patch exists which remedies the problem. +A source code patch exists which remedies the problem.

  • 003: DOCUMENTATION FIX: June 1, 2001
    @@ -270,7 +270,7 @@ the old fts bug but happens when popping out of directories, as opposed to descending into them.
    -A source code patch exists which remedies the problem. +A source code patch exists which remedies the problem. This is the second version of the patch.

  • @@ -279,7 +279,7 @@ context of a signal handler. This leads to potentially serious race conditions. At the moment this is a theoretical attack only and can only be exploited on the local host (if at all).
    -A source code patch exists which remedies the problem by updating sendmail to version 8.11.4. +A source code patch exists which remedies the problem by updating sendmail to version 8.11.4.

    @@ -290,12 +290,12 @@ 2001
    The NVIDIA driver for XFree86 4.0.3 is incorrectly restoring the text mode palette upon exit of the X server. +href="http://ftp.openbsd.org/pub/OpenBSD/patches/2.9/i386/010_nvidia.patch"> A source code patch exists which remedies the problem. To avoid rebuilding the whole XFree86 tree, an updated binary driver is also available here +href="http://ftp.openbsd.org/pub/OpenBSD/patches/2.9/i386/nv_drv.o">here . Just grab it, copy it to /usr/X11R6/lib/modules/drivers/ and restart your X server.

    @@ -304,7 +304,7 @@ 2001
    The XF86Setup(1) configuration tool for XFree86 3.3.6 is producing corrupted /etc/XF86Config files. - + A source code patch exists which remedies the problem by linking XF86Setup against the XFree86 3.3.6 version of libXxf86vm.a.

    @@ -329,9 +329,9 @@ missing files can be added manually from the sparc tarballs after the installation:
    Grab the -xbase29.tgz +xbase29.tgz and -xshare29.tgz +xshare29.tgz files found in the 2.9/sparc directory on the CD, or any FTP site. The missing files can be installed by using the following commands: 

    @@ -427,7 +427,7 @@
 
    
 OpenBSD 
 www@openbsd.org
-
    $OpenBSD: errata29.html,v 1.54 2010/03/08 21:53:37 deraadt Exp $
+
    $OpenBSD: errata29.html,v 1.55 2010/07/08 19:00:07 sthen Exp $