! 036: SECURITY FIX: November 14, 2002All architectures
A buffer overflow in
named(8)
--- 85,91 ----
! 036: SECURITY FIX: November 14, 2002All architectures
A buffer overflow in
named(8)
***************
*** 98,104 ****
A source code patch exists which remedies this problem.
! 035: SECURITY FIX: November 6, 2002All architectures
Incorrect argument checking in the
getrlimit(2)
--- 96,102 ----
A source code patch exists which remedies this problem.
! 035: SECURITY FIX: November 6, 2002All architectures
Incorrect argument checking in the
getrlimit(2)
***************
*** 107,113 ****
A source code patch exists which remedies this problem.
! 034: SECURITY FIX: November 6, 2002All architectures
An attacker can bypass the restrictions imposed by sendmail's restricted shell,
smrsh(8),
--- 105,111 ----
A source code patch exists which remedies this problem.
! 034: SECURITY FIX: November 6, 2002All architectures
An attacker can bypass the restrictions imposed by sendmail's restricted shell,
smrsh(8),
***************
*** 116,122 ****
A source code patch exists which remedies this problem.
! 033: SECURITY FIX: October 21, 2002All architectures
A buffer overflow can occur in the
kadmind(8)
--- 114,120 ----
A source code patch exists which remedies this problem.
! 033: SECURITY FIX: October 21, 2002All architectures
A buffer overflow can occur in the
kadmind(8)
***************
*** 125,131 ****
A source code patch exists which remedies this problem.
! 032: SECURITY FIX: October 7, 2002All architectures
Incorrect argument checking in the
setitimer(2) system call may allow an attacker to write to kernel memory.
--- 123,129 ----
A source code patch exists which remedies this problem.
! 032: SECURITY FIX: October 7, 2002All architectures
Incorrect argument checking in the
setitimer(2) system call may allow an attacker to write to kernel memory.
***************
*** 133,139 ****
A source code patch exists which remedies this problem.
! 031: SECURITY FIX: August 11, 2002All architectures
An insufficient boundary check in the
select(2)
--- 131,137 ----
A source code patch exists which remedies this problem.
! 031: SECURITY FIX: August 11, 2002All architectures
An insufficient boundary check in the
select(2)
***************
*** 143,149 ****
A source code patch exists which remedies this problem.
! 030: SECURITY FIX: July 30, 2002All architectures
Several remote buffer overflows can occur in the SSL2 server and SSL3 client of the
ssl(8)
--- 141,147 ----
A source code patch exists which remedies this problem.
! 030: SECURITY FIX: July 30, 2002All architectures
Several remote buffer overflows can occur in the SSL2 server and SSL3 client of the
ssl(8)
***************
*** 156,162 ****
This is the second version of the patch.
! 029: SECURITY FIX: July 29, 2002All architectures
A buffer overflow can occur in the
xdr_array(3)
--- 154,160 ----
This is the second version of the patch.
! 029: SECURITY FIX: July 29, 2002All architectures
A buffer overflow can occur in the
xdr_array(3)
***************
*** 167,173 ****
This is the second version of the patch.
! 028: SECURITY FIX: July 29, 2002All architectures
A race condition exists in the
pppd(8)
--- 165,171 ----
This is the second version of the patch.
! 028: SECURITY FIX: July 29, 2002All architectures
A race condition exists in the
pppd(8)
***************
*** 176,182 ****
A source code patch exists which remedies this problem.
! 027: RELIABILITY FIX: July 5, 2002All architectures
Receiving IKE payloads out of sequence can cause
isakmpd(8) to crash.
--- 174,180 ----
A source code patch exists which remedies this problem.
! 027: RELIABILITY FIX: July 5, 2002All architectures
Receiving IKE payloads out of sequence can cause
isakmpd(8) to crash.
***************
*** 186,206 ****
This is the second version of the patch.
! 024: SECURITY FIX: June 24, 2002All architectures
All versions of OpenSSH's sshd between 2.3.1 and 3.3 contain an input validation
error that can result in an integer overflow and privilege escalation.
--- 184,204 ----
This is the second version of the patch.
! 024: SECURITY FIX: June 24, 2002All architectures
All versions of OpenSSH's sshd between 2.3.1 and 3.3 contain an input validation
error that can result in an integer overflow and privilege escalation.
***************
*** 209,215 ****
security advisory.
! 023: SECURITY FIX: June 24, 2002All architectures
A buffer overflow can occur in the .htaccess parsing code in mod_ssl httpd
module, leading to possible remote crash or exploit.
--- 207,213 ----
security advisory.
! 023: SECURITY FIX: June 24, 2002All architectures
A buffer overflow can occur in the .htaccess parsing code in mod_ssl httpd
module, leading to possible remote crash or exploit.
***************
*** 217,223 ****
A source code patch exists which remedies this problem.
! 022: SECURITY FIX: June 19, 2002All architectures
A buffer overflow can occur during the interpretation of chunked
encoding in the http daemon, leading to possible remote crash or exploit.
--- 215,221 ----
A source code patch exists which remedies this problem.
! 022: SECURITY FIX: June 19, 2002All architectures
A buffer overflow can occur during the interpretation of chunked
encoding in the http daemon, leading to possible remote crash or exploit.
***************
*** 225,231 ****
A source code patch exists which remedies this problem.
! 021: SECURITY FIX: May 8, 2002All architectures
A race condition exists where an attacker could fill the file descriptor
table and defeat the kernel's protection of fd slots 0, 1, and 2 for a
--- 223,229 ----
A source code patch exists which remedies this problem.
! 021: SECURITY FIX: May 8, 2002All architectures
A race condition exists where an attacker could fill the file descriptor
table and defeat the kernel's protection of fd slots 0, 1, and 2 for a
***************
*** 234,247 ****
A source code patch exists which remedies this problem.
! 019: SECURITY FIX: April 22, 2002All architectures
A local user can gain super-user privileges due to a buffer overflow
in sshd(8)
--- 232,245 ----
A source code patch exists which remedies this problem.
! 019: SECURITY FIX: April 22, 2002All architectures
A local user can gain super-user privileges due to a buffer overflow
in sshd(8)
***************
*** 253,259 ****
A source code patch exists which remedies this problem.
! 018: SECURITY FIX: April 11, 2002All architectures mail(1)
will process tilde escapes even in non-interactive mode.
--- 251,257 ----
A source code patch exists which remedies this problem.
! 018: SECURITY FIX: April 11, 2002All architectures mail(1)
will process tilde escapes even in non-interactive mode.
***************
*** 263,269 ****
A source code patch exists which remedies this problem.
! 017: RELIABILITY FIX: March 26, 2002All architectures isakmpd(8)
will crash when receiving a zero length IKE packet due to a too-late length check.
--- 261,267 ----
A source code patch exists which remedies this problem.
! 017: RELIABILITY FIX: March 26, 2002All architectures isakmpd(8)
will crash when receiving a zero length IKE packet due to a too-late length check.
***************
*** 272,278 ****
A source code patch exists which remedies this problem.
! 016: SECURITY FIX: March 19, 2002All architectures
Under certain conditions, on systems using YP with netgroups in the password
database, it is possible for the
--- 270,276 ----
A source code patch exists which remedies this problem.
! 016: SECURITY FIX: March 19, 2002All architectures
Under certain conditions, on systems using YP with netgroups in the password
database, it is possible for the
***************
*** 289,295 ****
A source code patch exists which remedies this problem.
! 015: RELIABILITY FIX: March 13, 2002All architectures
Under some circumstances the zlib compression library can free dynamically
allocated memory twice. This is not a security issue on OpenBSD since the BSD
--- 287,293 ----
A source code patch exists which remedies this problem.
! 015: RELIABILITY FIX: March 13, 2002All architectures
Under some circumstances the zlib compression library can free dynamically
allocated memory twice. This is not a security issue on OpenBSD since the BSD
***************
*** 301,307 ****
A source code patch exists which remedies this problem.
! 014: SECURITY FIX: March 8, 2002All architectures
A local user can gain super-user privileges due to an off-by-one check
in the channel forwarding code of OpenSSH.
--- 299,305 ----
A source code patch exists which remedies this problem.
! 014: SECURITY FIX: March 8, 2002All architectures
A local user can gain super-user privileges due to an off-by-one check
in the channel forwarding code of OpenSSH.
***************
*** 309,322 ****
A source code patch exists which remedies this problem.
! 012: SECURITY FIX: January 21, 2002All architectures
A race condition between the ptrace(2) and execve(2) system calls allows
an attacker to modify the memory contents of suid/sgid processes which
--- 307,320 ----
A source code patch exists which remedies this problem.
! 012: SECURITY FIX: January 21, 2002All architectures
A race condition between the ptrace(2) and execve(2) system calls allows
an attacker to modify the memory contents of suid/sgid processes which
***************
*** 325,331 ****
A source code patch exists which remedies this problem.
! 011: SECURITY FIX: January 17, 2002All architectures
If the Postfix sendmail replacement is installed on a system an
attacker may be able to gain root privileges on the local host via
--- 323,329 ----
A source code patch exists which remedies this problem.
! 011: SECURITY FIX: January 17, 2002All architectures
If the Postfix sendmail replacement is installed on a system an
attacker may be able to gain root privileges on the local host via
***************
*** 339,345 ****
A source code patch exists which remedies this problem.
! 010: RELIABILITY FIX: December 13, 2001All architectures
Systems running with IP-in-IP encapsulation can be made to crash by
malformed packets.
--- 337,343 ----
A source code patch exists which remedies this problem.
! 010: RELIABILITY FIX: December 13, 2001All architectures
Systems running with IP-in-IP encapsulation can be made to crash by
malformed packets.
***************
*** 347,353 ****
A source code patch exists which remedies this problem.
! 009: INSTALLATION FIX: December 11, 2001
The 3.0 CD2 was created with an error which means that the instructions
for booting this architecture will not work. Instead, to boot the
--- 345,351 ----
A source code patch exists which remedies this problem.
! 009: INSTALLATION FIX: December 11, 2001
The 3.0 CD2 was created with an error which means that the instructions
for booting this architecture will not work. Instead, to boot the
***************
*** 357,363 ****
boot cd:,OFWBOOT /3.0/macppc/bsd.rd
! 008: SECURITY FIX: November 28, 2001All architectures
A security issue exists in the lpd daemon that may allow an attacker
to create arbitrary new files in the root directory. Only machines
--- 355,361 ----
boot cd:,OFWBOOT /3.0/macppc/bsd.rd
! 008: SECURITY FIX: November 28, 2001All architectures
A security issue exists in the lpd daemon that may allow an attacker
to create arbitrary new files in the root directory. Only machines
***************
*** 369,375 ****
A source code patch exists which remedies this problem.
! 007: SECURITY FIX: November 13, 2001All architectures
A security issue exists in the vi.recover script that may allow an attacker
to remove arbitrary zero-length files, regardless of ownership.
--- 367,373 ----
A source code patch exists which remedies this problem.
! 007: SECURITY FIX: November 13, 2001All architectures
A security issue exists in the vi.recover script that may allow an attacker
to remove arbitrary zero-length files, regardless of ownership.
***************
*** 378,384 ****
A source code patch exists which remedies this problem.
! 006: SECURITY FIX: November 13, 2001All architectures pf(4)
was incapable of dealing with certain ipv6 icmp packets, resulting in a crash.
--- 376,382 ----
A source code patch exists which remedies this problem.
! 006: SECURITY FIX: November 13, 2001All architectures pf(4)
was incapable of dealing with certain ipv6 icmp packets, resulting in a crash.
***************
*** 387,393 ****
A source code patch exists which remedies this problem.
! 005: RELIABILITY FIX: November 12, 2001
Execution of Altivec instructions will crash the kernel.
--- 385,391 ----
A source code patch exists which remedies this problem.
! 005: RELIABILITY FIX: November 12, 2001
Execution of Altivec instructions will crash the kernel.
***************
*** 395,401 ****
A source code patch exists which remedies this problem.
! 004: RELIABILITY FIX: November 12, 2001
Hifn7751 based cards may stop working on certain motherboards due to
DMA errors.
--- 393,399 ----
A source code patch exists which remedies this problem.
! 004: RELIABILITY FIX: November 12, 2001
Hifn7751 based cards may stop working on certain motherboards due to
DMA errors.
***************
*** 404,410 ****
A source code patch exists which remedies this problem.
! 003: RELIABILITY FIX: November 12, 2001
Access to a CD drive on the PCI ultrasparc machines results in a continuous stream
of bogus interrupt messages, causing great user anguish.
--- 402,408 ----
A source code patch exists which remedies this problem.
! 003: RELIABILITY FIX: November 12, 2001
Access to a CD drive on the PCI ultrasparc machines results in a continuous stream
of bogus interrupt messages, causing great user anguish.
***************
*** 413,419 ****
A source code patch exists which remedies this problem.
! 002: SECURITY FIX: November 12, 2001All architectures sshd(8)
is being upgraded from OpenSSH 3.0 to OpenSSH 3.0.2 to fix a few problems:
--- 411,417 ----
A source code patch exists which remedies this problem.
! 002: SECURITY FIX: November 12, 2001All architectures sshd(8)
is being upgraded from OpenSSH 3.0 to OpenSSH 3.0.2 to fix a few problems:
***************
*** 441,455 ****
This is the second version of this patch.
! 001: INSTALL ISSUE: November 12, 2001All architectures
! A small bug in the installation script causes the /etc/hosts file to
be incorrectly formed.
The resulting file contains a line which reads like:
! #.#.#.# hostname. hostname
This line should actually read something like:
! #.#.#.# hostname.domainname.com hostname
To correct this problem, simply edit the file and insert the domainname in
the required place.
--- 439,453 ----
This is the second version of this patch.
! 001: INSTALL ISSUE: November 12, 2001All architectures
! A small bug in the installation script causes the /etc/hosts file to
be incorrectly formed.
The resulting file contains a line which reads like:
! #.#.#.# hostname. hostname
This line should actually read something like:
! #.#.#.# hostname.domainname.com hostname
To correct this problem, simply edit the file and insert the domainname in
the required place.
***************
*** 458,463 ****