version 1.16, 2004/02/19 03:30:52 |
version 1.17, 2004/02/26 07:33:56 |
|
|
<a name="all"></a> |
<a name="all"></a> |
<h3><font color="#e00000">All architectures</font></h3> |
<h3><font color="#e00000">All architectures</font></h3> |
<ul> |
<ul> |
<a name="font"></a> |
<li><a name="font"></a> |
<li><font color="#009000"><strong>017: RELIABILITY FIX: February 14, |
<font color="#009000"><strong>017: RELIABILITY FIX: February 14, |
2004</strong></font><br> |
2004</strong></font><br> |
Several buffer overflows exist in the code parsing |
Several buffer overflows exist in the code parsing |
font.aliases files in XFree86. Thanks to ProPolice, these cannot be |
font.aliases files in XFree86. Thanks to ProPolice, these cannot be |
|
|
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.3/common/017_font.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.3/common/017_font.patch"> |
A source code patch exists which remedies the problem</a>.<br> |
A source code patch exists which remedies the problem</a>.<br> |
<p> |
<p> |
<a name="ip6"></a> |
<li><a name="ip6"></a> |
<li><font color="#009000"><strong>016: SECURITY FIX: February 8, 2004</strong></font><br> |
<font color="#009000"><strong>016: SECURITY FIX: February 8, 2004</strong></font><br> |
An IPv6 MTU handling problem exists that could be used by an attacker |
An IPv6 MTU handling problem exists that could be used by an attacker |
to cause a denial of service attack against hosts with reachable IPv6 |
to cause a denial of service attack against hosts with reachable IPv6 |
TCP ports. |
TCP ports. |
|
|
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.3/common/016_ip6.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.3/common/016_ip6.patch"> |
A source code patch exists which remedies the problem</a>.<br> |
A source code patch exists which remedies the problem</a>.<br> |
<p> |
<p> |
<a name="sysvshm"></a> |
<li><a name="sysvshm"></a> |
<li><font color="#009000"><strong>015: SECURITY FIX: February 5, 2004</strong></font><br> |
<font color="#009000"><strong>015: SECURITY FIX: February 5, 2004</strong></font><br> |
A reference counting bug exists in the |
A reference counting bug exists in the |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=shmat&apropos=0&sektion=2&manpath=OpenBSD+Current&format=html">shmat(2)</a> |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=shmat&apropos=0&sektion=2&manpath=OpenBSD+Current&format=html">shmat(2)</a> |
system call that could be used by an attacker to write to kernel memory |
system call that could be used by an attacker to write to kernel memory |
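Review bot: The shmat(2) link in the unchanged context of this hunk still has raw ampersands in its href query string ("query=shmat&apropos=0&sektion=2&manpath=OpenBSD+Current&format=html"). An unescaped "&" inside an attribute value is not valid HTML, so while the list markup is being corrected here, each separator should be written as "&amp;". Browsers decode that back to "&", so the link target does not change.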
|
|
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.3/common/015_sysvshm.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.3/common/015_sysvshm.patch"> |
A source code patch exists which remedies the problem</a>.<br> |
A source code patch exists which remedies the problem</a>.<br> |
<p> |
<p> |
<a name="isakmpd"></a> |
<li><a name="isakmpd"></a> |
<li><font color="#009000"><strong>014: SECURITY FIX: January 15, 2004</strong></font><br> |
<font color="#009000"><strong>014: SECURITY FIX: January 15, 2004</strong></font><br> |
Several message handling flaws in |
Several message handling flaws in |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=isakmpd&apropos=0&sektion=8&manpath=OpenBSD+Current&arch=i386&format=html">isakmpd(8)</a> |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=isakmpd&apropos=0&sektion=8&manpath=OpenBSD+Current&arch=i386&format=html">isakmpd(8)</a> |
have been reported by Thomas Walpuski. These allow an attacker to delete arbitrary SAs. |
have been reported by Thomas Walpuski. These allow an attacker to delete arbitrary SAs. |
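Review bot: The isakmpd(8) href carried as context in this hunk has the same unescaped separators ("&apropos=0&sektion=8&manpath=OpenBSD+Current&arch=i386&format=html"). Suggest escaping them as "&amp;" in the same commit, so the page validates once the anchors have been moved inside their list items.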
|
|
system call can allow a local user to cause a kernel panic.<br> |
system call can allow a local user to cause a kernel panic.<br> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.3/common/002_semget.patch"> |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.3/common/002_semget.patch"> |
A source code patch exists which remedies the problem</a>. |
A source code patch exists which remedies the problem</a>. |
<a name="realpath"></a> |
|
<p> |
<p> |
<li><font color="#009000"><strong>001: SECURITY FIX: August 4, 2003</strong></font><br> |
<li><a name="realpath"></a> |
|
<font color="#009000"><strong>001: SECURITY FIX: August 4, 2003</strong></font><br> |
An off-by-one error exists in the C library function |
An off-by-one error exists in the C library function |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=realpath&sektion=3">realpath(3)</a>. |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=realpath&sektion=3">realpath(3)</a>. |
Since this same bug resulted in a root compromise in the wu-ftpd ftp server |
Since this same bug resulted in a root compromise in the wu-ftpd ftp server |