www/errata31.html - diff

Return to errata31.html CVS log

Up to [local] / www

Diff for /www/errata31.html between version 1.87 and 1.88

version 1.87, 2019/04/02 12:46:56

version 1.88, 2019/05/27 22:55:19

Line 1

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">

<!doctype html>

<html>

<head>

<title>OpenBSD 3.1 Errata</title>

</head>

<!--

IMPORTANT REMINDER

IF YOU ADD A NEW ERRATUM, MAIL THE PATCH TO TECH AND ANNOUNCE

-->

<h2>

OpenBSD</a>

OpenBSD</a>

3.1 Errata

3.1 Errata

</h2>

<hr>

Line 87

Line 85

<ul>

027: SECURITY FIX: March 31, 2003

027: SECURITY FIX: March 31, 2003

All architectures

A buffer overflow in the address parsing in

<a href="https://man.openbsd.org/OpenBSD-3.1/sendmail.8">sendmail(8)</a>

Line 96

Line 94

A source code patch exists which remedies this problem.</a>

026: SECURITY FIX: March 24, 2003

026: SECURITY FIX: March 24, 2003

All architectures

The cryptographic weaknesses in the Kerberos v4 protocol can be exploited

on Kerberos v5 as well.

Line 105

Line 103

A source code patch exists which remedies this problem.</a>

025: SECURITY FIX: March 19, 2003

025: SECURITY FIX: March 19, 2003

All architectures

OpenSSL is vulnerable to an extension of the ``Bleichenbacher'' attack designed

OpenSSL is vulnerable to an extension of the "Bleichenbacher" attack designed

by Czech researchers Klima, Pokorny and Rosa.

A source code patch exists which remedies this problem.</a>

024: SECURITY FIX: March 18, 2003

024: SECURITY FIX: March 18, 2003

All architectures

Various SSL and TLS operations in OpenSSL are vulnerable to timing attacks.

Line 122

Line 120

A source code patch exists which remedies this problem.</a>

023: SECURITY FIX: March 5, 2003

023: SECURITY FIX: March 5, 2003

All architectures

A fix for an

Line 132

Line 130

A source code patch exists which remedies this problem.</a>

022: SECURITY FIX: March 3, 2003

022: SECURITY FIX: March 3, 2003

All architectures

A buffer overflow in the envelope comments processing in

<a href="https://man.openbsd.org/OpenBSD-3.1/sendmail.8">sendmail(8)</a>

Line 141

Line 139

A source code patch exists which remedies this problem.</a>

021: SECURITY FIX: February 23, 2003

021: SECURITY FIX: February 23, 2003

All architectures

<a href="https://man.openbsd.org/OpenBSD-3.1/ssl.8">ssl(8)</a> an information leak can occur via timing by performing a MAC computation

Line 151

Line 149

A source code patch exists which fixes these two issues</a>.

020: SECURITY FIX: January 20, 2003

020: SECURITY FIX: January 20, 2003

All architectures

A double free in

Line 164

Line 162

A source code patch exists which remedies this problem.</a>

019: SECURITY FIX: November 14, 2002

019: SECURITY FIX: November 14, 2002

All architectures

A buffer overflow in

<a href="https://man.openbsd.org/OpenBSD-3.1/named.8">named(8)</a>

Line 175

Line 173

A source code patch exists which remedies this problem.</a>

018: SECURITY FIX: November 6, 2002

018: SECURITY FIX: November 6, 2002

All architectures

Incorrect argument checking in the

<a href="https://man.openbsd.org/OpenBSD-3.1/getrlimit.2">getrlimit(2)</a>

Line 184

Line 182

A source code patch exists which remedies this problem.</a>

017: SECURITY FIX: November 6, 2002

017: SECURITY FIX: November 6, 2002

All architectures

An attacker can bypass the restrictions imposed by sendmail's restricted shell,

<a href="https://man.openbsd.org/OpenBSD-3.1/smrsh.8">smrsh(8)</a>,

Line 193

Line 191

A source code patch exists which remedies this problem.</a>

016: SECURITY FIX: October 21, 2002

016: SECURITY FIX: October 21, 2002

All architectures

A buffer overflow can occur in the

<a href="https://man.openbsd.org/OpenBSD-3.1/kadmind.8">kadmind(8)</a>

Line 202

Line 200

A source code patch exists which remedies this problem.</a>

015: SECURITY FIX: October 2, 2002

015: SECURITY FIX: October 2, 2002

All architectures

Incorrect argument checking in the

<a href="https://man.openbsd.org/OpenBSD-3.1/setitimer.2">setitimer(2)</a> system call may allow an attacker to write to kernel memory.

Line 210

Line 208

A source code patch exists which remedies this problem.</a>

014: SECURITY FIX: August 11, 2002

014: SECURITY FIX: August 11, 2002

All architectures

An insufficient boundary check in the

<a href="https://man.openbsd.org/OpenBSD-3.1/select.2">select(2)</a>

Line 220

Line 218

A source code patch exists which remedies this problem.</a>

013: SECURITY FIX: July 30, 2002

013: SECURITY FIX: July 30, 2002

All architectures

Several remote buffer overflows can occur in the SSL2 server and SSL3 client of the

Line 233

Line 231

This is the second version of the patch.

012: SECURITY FIX: July 29, 2002

012: SECURITY FIX: July 29, 2002

All architectures

A buffer overflow can occur in the

<a href="https://man.openbsd.org/OpenBSD-3.1/xdr_array.3">xdr_array(3)</a>

Line 244

Line 242

This is the second version of the patch.

011: SECURITY FIX: July 29, 2002

011: SECURITY FIX: July 29, 2002

All architectures

A race condition exists in the

Line 253

Line 251

A source code patch exists which remedies this problem.</a>

010: RELIABILITY FIX: July 5, 2002

010: RELIABILITY FIX: July 5, 2002

All architectures

Receiving IKE payloads out of sequence can cause

<a href="https://man.openbsd.org/OpenBSD-3.1/isakmpd.8">isakmpd(8)</a> to crash.

Line 263

Line 261

This is the second version of the patch.

009: SECURITY FIX: June 27, 2002

009: SECURITY FIX: June 27, 2002

All architectures

The kernel would let any user <a href="https://man.openbsd.org/OpenBSD-3.1/ktrace.2">ktrace(2)</a> set[ug]id processes.

A source code patch exists which remedies this problem.</a>

008: SECURITY FIX: June 26, 2002

008: SECURITY FIX: June 26, 2002

All architectures

A buffer overflow can occur in the .htaccess parsing code in mod_ssl httpd

module, leading to possible remote crash or exploit.

Line 278

Line 276

A source code patch exists which remedies this problem.</a>

007: SECURITY FIX: June 25, 2002

007: SECURITY FIX: June 25, 2002

All architectures

A potential buffer overflow in the DNS resolver has been found.

A source code patch exists which remedies this problem.</a>

006: SECURITY FIX: June 24, 2002

006: SECURITY FIX: June 24, 2002

All architectures

All versions of OpenSSH's sshd between 2.3.1 and 3.3 contain an input validation

error that can result in an integer overflow and privilege escalation.

Line 294

Line 292

<a href="https://www.openssh.com/txt/preauth.adv">security advisory</a>.

005: SECURITY FIX: June 19, 2002

005: SECURITY FIX: June 19, 2002

All architectures

A buffer overflow can occur during the interpretation of chunked

encoding in the http daemon, leading to possible remote crash or exploit.

Line 302

Line 300

A source code patch exists which remedies this problem.</a>

004: SECURITY FIX: May 22, 2002

004: SECURITY FIX: May 22, 2002

All architectures

Under certain conditions, on systems using YP with netgroups in the

password database, it is possible that

Line 315

Line 313

A source code patch exists which remedies this problem.</a>

003: SECURITY FIX: May 8, 2002

003: SECURITY FIX: May 8, 2002

All architectures

A race condition exists where an attacker could fill the file descriptor

table and defeat the kernel's protection of fd slots 0, 1, and 2 for a

Line 324

Line 322

A source code patch exists which remedies this problem.</a>

002: SECURITY FIX: April 25, 2002

002: SECURITY FIX: April 25, 2002

All architectures

A bug in <a href="https://man.openbsd.org/OpenBSD-3.1/sudo.8">sudo(8)</a> may allow an attacker to corrupt the heap by specifying a custom prompt.

A source code patch exists which remedies this problem.</a>

001: SECURITY FIX: April 22, 2002

001: SECURITY FIX: April 22, 2002

All architectures

A local user can gain super-user privileges due to a buffer overflow

in <a href="https://man.openbsd.org/OpenBSD-3.1/sshd.8">sshd(8)</a>

Line 346

Line 344

</ul>

<hr>

</body>

</html>