Return to errata34.html CVS log | Up to [local] / www |
version 1.60, 2014/03/31 03:36:54 | version 1.61, 2014/03/31 04:11:40 | ||
---|---|---|---|
|
|
||
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/007_uvm.patch"> | <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/007_uvm.patch"> | ||
A source code patch exists which remedies this problem.</a> | A source code patch exists which remedies this problem.</a> | ||
<p> | <p> | ||
<li><a name="ibcs2"></a> | |||
<font color="#009000"><strong>006: SECURITY FIX: November 17, 2003</strong></font> <i>i386 only</a><br> | |||
It may be possible for a local user to overrun the stack in | |||
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=compat_ibcs2&sektion=8&apropos=0&manpath=OpenBSD+Current&arch=i386">compat_ibcs2(8)</a>.<br> | |||
ProPolice catches this, turning a potential privilege escalation into a denial | |||
of service. iBCS2 emulation does not need to be enabled via | |||
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sysctl&sektion=8&apropos=0&manpath=OpenBSD+Current&arch=i386">sysctl(8)</a> | |||
for this to happen. | |||
<br> | |||
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.4/i386/006_ibcs2.patch"> | |||
A source code patch exists which remedies this problem.</a> | |||
<p> | |||
<li><a name="exec"></a> | <li><a name="exec"></a> | ||
<font color="#009000"><strong>005: RELIABILITY FIX: November 4, 2003</strong></font> <i>All architectures</i><br> | <font color="#009000"><strong>005: RELIABILITY FIX: November 4, 2003</strong></font> <i>All architectures</i><br> | ||
It is possible for a local user to cause a system panic by executing a specially crafted binary with an invalid header. | It is possible for a local user to cause a system panic by executing a specially crafted binary with an invalid header. | ||
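Review bot: on the 006 heading line added to the common list, the `<i>` is closed with `</a>` instead of `</i>` (`<i>i386 only</a><br>`), so the italic element is never closed and there is a stray anchor close. The 005 entry directly below uses `<i>All architectures</i><br>`; change the new line to `<i>i386 only</i><br>` to match.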
|
|
||
# pkg_add http://ftp.openbsd.org/pub/OpenBSD/3.4/packages/i386/</strong><p> | # pkg_add http://ftp.openbsd.org/pub/OpenBSD/3.4/packages/i386/</strong><p> | ||
The extra <strong>/</strong> at the end is important. We do not make | The extra <strong>/</strong> at the end is important. We do not make | ||
patch files available for things printed on paper. | patch files available for things printed on paper. | ||
<p> | |||
</ul> | |||
<p> | |||
<a name="i386"></a> | |||
<h3><font color="#e00000">i386</font></h3> | |||
<ul> | |||
<li><a name="ibcs2"></a> | |||
<font color="#009000"><strong>006: SECURITY FIX: November 17, 2003</strong></font><br> | |||
It may be possible for a local user to overrun the stack in | |||
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=compat_ibcs2&sektion=8&apropos=0&manpath=OpenBSD+Current&arch=i386">compat_ibcs2(8)</a>.<br> | |||
ProPolice catches this, turning a potential privilege escalation into a denial | |||
of service. iBCS2 emulation does not need to be enabled via | |||
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sysctl&sektion=8&apropos=0&manpath=OpenBSD+Current&arch=i386">sysctl(8)</a> | |||
for this to happen. | |||
<br> | |||
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.4/i386/006_ibcs2.patch"> | |||
A source code patch exists which remedies this problem.</a> | |||
<p> | <p> | ||
</ul> | </ul> | ||
<p> | <p> |