=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/errata34.html,v retrieving revision 1.58 retrieving revision 1.59 diff -c -r1.58 -r1.59 *** www/errata34.html 2014/03/28 03:04:30 1.58 --- www/errata34.html 2014/03/31 03:12:47 1.59 *************** *** 6,12 **** - --- 6,11 ---- *************** *** 65,77 **** You can also fetch a tar.gz file containing all the following patches. This file is updated once a day. !

The patches below are available in CVS via the OPENBSD_3_4 patch branch. -

For more detailed information on how to install patches to OpenBSD, please consult the OpenBSD FAQ.

--- 64,79 ---- You can also fetch a tar.gz file containing all the following patches. This file is updated once a day. +

! The patches below are available in CVS via the OPENBSD_3_4 patch branch.

+ For more detailed information on how to install patches to OpenBSD, please consult the OpenBSD FAQ. +

+

*************** *** 87,93 **** credentials on a socket.
! A source code patch exists which remedies this problem.

  • 034: RELIABILITY FIX: November 10, 2004
    --- 89,95 ---- credentials on a socket.
    ! A source code patch exists which remedies this problem.

  • 034: RELIABILITY FIX: November 10, 2004
    *************** *** 100,106 **** to exhaust memory and then crash when parsing such pages.
    ! A source code patch exists which remedies this problem.

  • 033: RELIABILITY FIX: November 10, 2004
    --- 102,108 ---- to exhaust memory and then crash when parsing such pages.
    ! A source code patch exists which remedies this problem.

  • 033: RELIABILITY FIX: November 10, 2004
    *************** *** 109,115 **** be used to deny service to other users.
    ! A source code patch exists which remedies this problem.

  • 032: RELIABILITY FIX: November 10, 2004
    --- 111,117 ---- be used to deny service to other users.
    ! A source code patch exists which remedies this problem.

  • 032: RELIABILITY FIX: November 10, 2004
    *************** *** 118,124 **** thus slow DNS queries.
    ! A source code patch exists which remedies this problem.

  • 031: SECURITY FIX: September 20, 2004
    --- 120,126 ---- thus slow DNS queries.
    ! A source code patch exists which remedies this problem.

  • 031: SECURITY FIX: September 20, 2004
    *************** *** 129,135 **** attacker. Note that OpenBSD does not ship with radius authentication enabled.
    ! A source code patch exists which remedies this problem.

  • 030: SECURITY FIX: September 16, 2004
    --- 131,137 ---- attacker. Note that OpenBSD does not ship with radius authentication enabled.
    ! A source code patch exists which remedies this problem.

  • 030: SECURITY FIX: September 16, 2004
    *************** *** 142,148 **** an application that handles XPM images, if they could escape ProPolice.
    ! A source code patch exists which remedies this problem.

  • 029: SECURITY FIX: September 10, 2004
    --- 144,150 ---- an application that handles XPM images, if they could escape ProPolice.
    ! A source code patch exists which remedies this problem.

  • 029: SECURITY FIX: September 10, 2004
    *************** *** 153,159 **** dbm file.
    ! A source code patch exists which remedies this problem.

  • --- 155,161 ---- dbm file.
    ! A source code patch exists which remedies this problem.

  • *************** *** 165,171 **** with IPsec processing enabled can be crashed remotely by a single ICMP echo traversing the bridge.
    ! A source code patch exists which remedies this problem.

  • 027: RELIABILITY FIX: August 25, 2004
    --- 167,173 ---- with IPsec processing enabled can be crashed remotely by a single ICMP echo traversing the bridge.
    ! A source code patch exists which remedies this problem.

  • 027: RELIABILITY FIX: August 25, 2004
    *************** *** 175,181 **** http://www.gont.com.ar/drafts/icmp-attacks-against-tcp.html
    ! A source code patch exists which remedies this problem.

  • 026: RELIABILITY FIX: Jul 25, 2004
    --- 177,183 ---- http://www.gont.com.ar/drafts/icmp-attacks-against-tcp.html
    ! A source code patch exists which remedies this problem.

  • 026: RELIABILITY FIX: Jul 25, 2004
    *************** *** 184,190 **** manifested itself as a FPU related crash on boot up.
    ! A source code patch exists which remedies this problem.

  • 025: SECURITY FIX: June 12, 2004
    --- 186,192 ---- manifested itself as a FPU related crash on boot up.
    ! A source code patch exists which remedies this problem.

  • 025: SECURITY FIX: June 12, 2004
    *************** *** 197,203 **** CAN-2004-0492.
    ! A source code patch exists which remedies this problem.

  • 024: SECURITY FIX: June 10, 2004
    --- 199,205 ---- CAN-2004-0492.
    ! A source code patch exists which remedies this problem.

  • 024: SECURITY FIX: June 10, 2004
    *************** *** 209,215 **** tunnels at will.
    ! A source code patch exists which remedies this problem.

  • 023: SECURITY FIX: June 9, 2004
    --- 211,217 ---- tunnels at will.
    ! A source code patch exists which remedies this problem.

  • 023: SECURITY FIX: June 9, 2004
    *************** *** 219,231 **** code with the same privileges as the CVS server program.
    ! A source code patch exists which remedies this problem.

  • ! 022: SECURITY FIX: May 30, ! 2004
    ! A flaw in the Kerberos V kdc(8) server could result in the administrator of a Kerberos realm having the ability to impersonate any principal in any other realm which has established a cross-realm trust with their realm. The flaw is due to --- 221,232 ---- code with the same privileges as the CVS server program.
    ! A source code patch exists which remedies this problem.

  • ! 022: SECURITY FIX: May 30, 2004
    ! A flaw in the Kerberos V ! kdc(8) server could result in the administrator of a Kerberos realm having the ability to impersonate any principal in any other realm which has established a cross-realm trust with their realm. The flaw is due to *************** *** 233,245 **** more details see Heimdal's announcement.
    ! ! A source code patch exists which remedies this problem.

  • ! 021: SECURITY FIX: May 20, ! 2004
    A heap overflow in the cvs(1) server has been discovered that can be exploited by clients sending --- 234,244 ---- more details see Heimdal's announcement.
    ! ! A source code patch exists which remedies this problem.

  • ! 021: SECURITY FIX: May 20, 2004
    A heap overflow in the cvs(1) server has been discovered that can be exploited by clients sending *************** *** 247,283 **** with the same privileges as the CVS server program.
    ! A source code patch exists which remedies this problem.

  • ! 020: SECURITY FIX: May 13, ! 2004
    Check for integer overflow in procfs. Use of procfs is not recommended.
    ! A source code patch exists which remedies this problem.

  • ! 019: RELIABILITY FIX: May 6, ! 2004
    Reply to in-window SYN with a rate-limited ACK.
    ! A source code patch exists which remedies this problem.

  • ! 018: RELIABILITY FIX: May 5, ! 2004
    Under load "recent model" gdt(4) controllers will lock up.
    ! A source code patch exists which remedies this problem.

  • ! 017: SECURITY FIX: May 5, ! 2004
    Pathname validation problems have been found in cvs(1), allowing malicious clients to create files outside the repository, allowing --- 246,278 ---- with the same privileges as the CVS server program.
    ! A source code patch exists which remedies this problem.

  • ! 020: SECURITY FIX: May 13, 2004
    Check for integer overflow in procfs. Use of procfs is not recommended.
    ! A source code patch exists which remedies this problem.

  • ! 019: RELIABILITY FIX: May 6, 2004
    Reply to in-window SYN with a rate-limited ACK.
    ! A source code patch exists which remedies this problem.

  • ! 018: RELIABILITY FIX: May 5, 2004
    Under load "recent model" gdt(4) controllers will lock up.
    ! A source code patch exists which remedies this problem.

  • ! 017: SECURITY FIX: May 5, 2004
    Pathname validation problems have been found in cvs(1), allowing malicious clients to create files outside the repository, allowing *************** *** 286,307 **** repository.
    ! A source code patch exists which remedies this problem.

  • ! 016: RELIABILITY FIX: March 17, ! 2004
    A missing check for a NULL-pointer dereference has been found in ssl(3). A remote attacker can use the bug to cause an OpenSSL application to crash; this may lead to a denial of service.
    ! A source code patch exists which remedies this problem.

  • ! 015: RELIABILITY FIX: March 17, ! 2004
    Defects in the payload validation and processing functions of isakmpd(8) have been discovered. An attacker could send malformed ISAKMP messages and --- 281,300 ---- repository.
    ! A source code patch exists which remedies this problem.

  • ! 016: RELIABILITY FIX: March 17, 2004
    A missing check for a NULL-pointer dereference has been found in ssl(3). A remote attacker can use the bug to cause an OpenSSL application to crash; this may lead to a denial of service.
    ! A source code patch exists which remedies this problem.

  • ! 015: RELIABILITY FIX: March 17, 2004
    Defects in the payload validation and processing functions of isakmpd(8) have been discovered. An attacker could send malformed ISAKMP messages and *************** *** 309,347 **** and removes some memory leaks.
    ! A source code patch exists which remedies this problem.

  • ! 014: SECURITY FIX: March 13, ! 2004
    Due to a bug in the parsing of Allow/Deny rules for httpd(8)'s access module, using IP addresses without a netmask on big endian 64-bit platforms causes the rules to fail to match. This only affects sparc64.
    ! A source code patch exists which remedies the problem.

  • ! 013: RELIABILITY FIX: March 8, ! 2004
    OpenBSD's TCP/IP stack did not impose limits on how many out-of-order TCP segments are queued in the system. An attacker could send out-of-order TCP segments and trick the system into using all available memory buffers.
    ! A source code patch exists which remedies the problem.

  • ! 012: RELIABILITY FIX: February 14, ! 2004
    Several buffer overflows exist in the code parsing font.aliases files in XFree86. Thanks to ProPolice, these cannot be exploited to gain privileges, but they can cause the X server to abort.
    ! A source code patch exists which remedies the problem.

  • 011: SECURITY FIX: February 8, 2004
    --- 302,337 ---- and removes some memory leaks.
    ! A source code patch exists which remedies this problem.

  • ! 014: SECURITY FIX: March 13, 2004
    Due to a bug in the parsing of Allow/Deny rules for httpd(8)'s access module, using IP addresses without a netmask on big endian 64-bit platforms causes the rules to fail to match. This only affects sparc64.
    ! A source code patch exists which remedies this problem.

  • ! 013: RELIABILITY FIX: March 8, 2004
    OpenBSD's TCP/IP stack did not impose limits on how many out-of-order TCP segments are queued in the system. An attacker could send out-of-order TCP segments and trick the system into using all available memory buffers.
    ! A source code patch exists which remedies this problem.

  • ! 012: RELIABILITY FIX: February 14, 2004
    Several buffer overflows exist in the code parsing font.aliases files in XFree86. Thanks to ProPolice, these cannot be exploited to gain privileges, but they can cause the X server to abort.
    ! A source code patch exists which remedies this problem.

  • 011: SECURITY FIX: February 8, 2004
    *************** *** 350,356 **** TCP ports.
    ! A source code patch exists which remedies the problem.

  • 010: SECURITY FIX: February 5, 2004
    --- 340,346 ---- TCP ports.
    ! A source code patch exists which remedies this problem.

  • 010: SECURITY FIX: February 5, 2004
    *************** *** 360,366 **** under certain circumstances.
    ! A source code patch exists which remedies the problem.

  • 009: SECURITY FIX: January 13, 2004
    --- 350,356 ---- under certain circumstances.
    ! A source code patch exists which remedies this problem.

  • 009: SECURITY FIX: January 13, 2004
    *************** *** 371,377 **** installed.
    ! A source code patch exists which remedies these problems.

  • 008: RELIABILITY FIX: November 20, 2003
    --- 361,367 ---- installed.
    ! A source code patch exists which remedies this problem.

  • 008: RELIABILITY FIX: November 20, 2003
    *************** *** 382,388 **** certain arguments.
    ! A source code patch exists which remedies the problem.

  • 007: RELIABILITY FIX: November 20, 2003
    --- 372,378 ---- certain arguments.
    ! A source code patch exists which remedies this problem.

  • 007: RELIABILITY FIX: November 20, 2003
    *************** *** 390,403 **** sysctl(3) with certain arguments.
    ! A source code patch exists which remedies the problem.

  • 005: RELIABILITY FIX: November 4, 2003
    It is possible for a local user to cause a system panic by executing a specially crafted binary with an invalid header.
    ! A source code patch exists which remedies the problem.

  • 004: RELIABILITY FIX: November 1, 2003
    --- 380,393 ---- sysctl(3) with certain arguments.
    ! A source code patch exists which remedies this problem.

  • 005: RELIABILITY FIX: November 4, 2003
    It is possible for a local user to cause a system panic by executing a specially crafted binary with an invalid header.
    ! A source code patch exists which remedies this problem.

  • 004: RELIABILITY FIX: November 1, 2003
    *************** *** 408,421 **** is believed that ProPolice will prevent code execution).
    ! A source code patch exists which remedies the problem.

  • 003: RELIABILITY FIX: November 1, 2003
    It is possible for a local user to cause a system panic by flooding it with spoofed ARP requests.
    ! A source code patch exists which remedies the problem.

  • 002: SECURITY FIX: November 1, 2003
    --- 398,411 ---- is believed that ProPolice will prevent code execution).
    ! A source code patch exists which remedies this problem.

  • 003: RELIABILITY FIX: November 1, 2003
    It is possible for a local user to cause a system panic by flooding it with spoofed ARP requests.
    ! A source code patch exists which remedies this problem.

  • 002: SECURITY FIX: November 1, 2003
    *************** *** 424,430 **** ssl(3). This does not affect OpenSSH.
    ! A source code patch exists which remedies the problem.

  • 001: DOCUMENTATION FIX: November 1, 2003
    --- 414,420 ---- ssl(3). This does not affect OpenSSH.
    ! A source code patch exists which remedies this problem.

  • 001: DOCUMENTATION FIX: November 1, 2003
    *************** *** 453,514 **** for this to happen.
    ! A source code patch exists which remedies the problem.

    - -

    alpha

    - -

    - -

    mac68k

    - -

    - -

    sparc

    - -

    - -

    sparc64

    - -

    - -

    hppa

    - -

    - -

    hp300

    - -

    - -

    mvme68k

    - -

    - -

    macppc

    - -

    - -

    vax

    - --- 443,452 ---- for this to happen.
    ! A source code patch exists which remedies this problem.