File: [local] / www / errata35.html (download) (as text)
Revision 1.37, Tue Nov 2 17:55:47 2010 UTC (13 years, 6 months ago) by deraadt
Branch: MAIN
Changes since 1.36: +5 -3 lines
roll errata pages
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>OpenBSD 3.5 errata</title>
<link rev=made href="mailto:www@openbsd.org">
<meta name="resource-type" content="document">
<meta name="description" content="the OpenBSD CD errata page">
<meta name="keywords" content="openbsd,cd,errata">
<meta name="distribution" content="global">
<meta name="copyright" content="This document copyright 1997-2004 by OpenBSD.">
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
</head>
<body bgcolor="#ffffff" text="#000000" link="#23238E">
<a href="index.html"><img alt="[OpenBSD]" height="30" width="141" src="images/smalltitle.gif" border="0"></a>
<h2><font color="#0000e0">
This is the OpenBSD 3.5 release errata & patch list:
</font></h2>
<hr>
<a href=stable.html>For OpenBSD patch branch information, please refer here.</a><br>
<a href=pkg-stable35.html>For important packages updates, please refer here.</a><br>
<br>
For errata on a certain release, click below:<br>
<a href="errata21.html">2.1</a>,
<a href="errata22.html">2.2</a>,
<a href="errata23.html">2.3</a>,
<a href="errata24.html">2.4</a>,
<a href="errata25.html">2.5</a>,
<a href="errata26.html">2.6</a>,
<a href="errata27.html">2.7</a>,
<a href="errata28.html">2.8</a>,
<a href="errata29.html">2.9</a>,
<a href="errata30.html">3.0</a>,
<a href="errata31.html">3.1</a>,
<a href="errata32.html">3.2</a>,
<a href="errata33.html">3.3</a>,
<a href="errata34.html">3.4</a>,
<a href="errata36.html">3.6</a>,
<br>
<a href="errata37.html">3.7</a>,
<a href="errata38.html">3.8</a>,
<a href="errata39.html">3.9</a>,
<a href="errata40.html">4.0</a>,
<a href="errata41.html">4.1</a>,
<a href="errata42.html">4.2</a>,
<a href="errata43.html">4.3</a>,
<a href="errata44.html">4.4</a>,
<a href="errata45.html">4.5</a>,
<a href="errata46.html">4.6</a>,
<a href="errata47.html">4.7</a>,
<a href="errata48.html">4.8</a>.
<br>
<hr>
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.5.tar.gz">
You can also fetch a tar.gz file containing all the following patches</a>.
This file is updated once a day.
<p> The patches below are available in CVS via the
<code>OPENBSD_3_5</code> <a href="stable.html">patch branch</a>.
<p>
For more detailed information on how to install patches to OpenBSD, please
consult the <a href="./faq/faq10.html#Patches">OpenBSD FAQ</a>.
<hr>
<a name="all"></a>
<h3><font color="#e00000">All architectures</font></h3>
<ul>
<li><a name="cvs4"></a>
<font color="#009000"><strong>033: SECURITY FIX: April 28, 2005</strong></font><br>
Fix a buffer overflow, memory leaks, and NULL pointer dereference in
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cvs&sektion=1">cvs(1)</a>
. None of these issues are known to be exploitable.
<a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0753">CAN-2005-0753</a>
.
<br>
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/033_cvs4.patch">
A source code patch exists which remedies this problem</a>.<br>
<p>
<li><a name="tcp2"></a>
<font color="#009000"><strong>032: RELIABILITY FIX: April 4, 2005</strong></font><br>
Handle an edge condition in
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=tcp&sektion=4">tcp(4)</a>
timestamps.
<br>
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/032_tcp2.patch">
A source code patch exists which remedies this problem</a>.<br>
<p>
<li><a name="telnet"></a>
<font color="#009000"><strong>031: SECURITY FIX: March 30, 2005</strong></font><br>
Due to buffer overflows in
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=telnet&apropos=0&sektion=1&manpath=OpenBSD+Current&arch=i386&format=html">telnet(1)</a>
, a malicious server or man-in-the-middle attack could allow execution of
arbitrary code with the privileges of the user invoking
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=telnet&apropos=0&sektion=1&manpath=OpenBSD+Current&arch=i386&format=html">telnet(1)</a>
.
<br>
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/031_telnet.patch">
A source code patch exists which remedies this problem</a>.<br>
<p>
<li><a name="sack"></a>
<font color="#009000"><strong>030: RELIABILITY FIX: March 30, 2005</strong></font><br>
Bugs in the
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=tcp&apropos=0&sektion=4&manpath=OpenBSD+Current&arch=i386&format=html">tcp(4)</a>
stack can lead to memory exhaustion or processing of TCP segments with
invalid SACK options and cause a system crash.
<br>
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/030_sack.patch">
A source code patch exists which remedies this problem</a>.<br>
<p>
<li><a name="rtt"></a>
<font color="#009000"><strong>027: RELIABILITY FIX: January 11, 2005</strong></font><br>
A bug in the
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=tcp&apropos=0&sektion=4&manpath=OpenBSD+Current&arch=i386&format=html">tcp(4)</a>
stack allows an invalid argument to be used in calculating the TCP
retransmit timeout. By sending packets with specific values in the TCP
timestamp option, an attacker can cause a system panic.
<br>
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/027_rtt.patch">
A source code patch exists which remedies this problem</a>.<br>
<p>
<li><a name="httpd3"></a>
<font color="#009000"><strong>026: SECURITY FIX: January 12, 2005</strong></font><br>
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=httpd&apropos=0&sektion=8&manpath=OpenBSD+Current&arch=i386&format=html">httpd(8)</a>
's mod_include module fails to properly validate the length of
user supplied tag strings prior to copying them to a local buffer,
causing a buffer overflow.
<br>
This would require enabling the XBitHack directive or server-side
includes and making use of a malicious document.
<br>
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/026_httpd3.patch">
A source code patch exists which remedies this problem</a>.<br>
<p>
<li><a name="getcwd"></a>
<font color="#009000"><strong>025: RELIABILITY FIX: January 6, 2005</strong></font><br>
The
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=getcwd&apropos=0&sektion=3&manpath=OpenBSD+Current&arch=i386&format=html">getcwd(3)</a>
library function contains a memory management error, which causes failure
to retrieve the current working directory if the path is very long.
<br>
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/025_getcwd.patch">
A source code patch exists which remedies this problem</a>.<br>
<p>
<li><a name="pfkey"></a>
<font color="#009000"><strong>024: SECURITY FIX: December 14, 2004</strong></font><br>
On systems running
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=isakmpd&apropos=0&sektion=8&manpath=OpenBSD+Current&arch=i386&format=html">isakmpd(8)</a>
it is possible for a local user to cause kernel memory corruption
and system panic by setting
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ipsec&apropos=0&sektion=4&manpath=OpenBSD+Current&format=html">ipsec(4)</a>
credentials on a socket.
<br>
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/024_pfkey.patch">
A source code patch exists which remedies this problem</a>.<br>
<p>
<li><a name="lynx"></a>
<font color="#009000"><strong>023: RELIABILITY FIX: November 10, 2004</strong></font><br>
Due to a bug in
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=lynx&apropos=0&sektion=1&manpath=OpenBSD+Current&arch=i386&format=html">lynx(1)</a>
it is possible for pages such as
<a href="http://lcamtuf.coredump.cx/mangleme/gallery/lynx_die1.html">this</a>
to cause
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=lynx&apropos=0&sektion=1&manpath=OpenBSD+Current&arch=i386&format=html">lynx(1)</a>
to exhaust memory and then crash when parsing such pages.
<br>
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/023_lynx.patch">
A source code patch exists which remedies this problem</a>.<br>
<p>
<li><a name="pppd"></a>
<font color="#009000"><strong>022: RELIABILITY FIX: November 10, 2004</strong></font><br>
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pppd&apropos=0&sektion=8&manpath=OpenBSD+Current&arch=i386&format=html">pppd(8)</a>
contains a bug that allows an attacker to crash his own connection, but it cannot
be used to deny service to other users.
<br>
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/022_pppd.patch">
A source code patch exists which remedies this problem</a>.<br>
<p>
<li><a name="bind"></a>
<font color="#009000"><strong>021: RELIABILITY FIX: November 10, 2004</strong></font><br>
BIND contains a bug which results in BIND trying to contact nameservers via IPv6, even in
cases where IPv6 connectivity is non-existent. This results in unnecessary timeouts and
thus slow DNS queries.
<br>
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/021_bind.patch">
A source code patch exists which remedies this problem</a>.<br>
<p>
<li><a name="radius"></a>
<font color="#009000"><strong>020: SECURITY FIX: September 20, 2004</strong></font><br>
Eilko Bos reported that radius authentication, as implemented by
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=login_radius&apropos=0&sektion=8&manpath=OpenBSD+Current&arch=i386&format=html">login_radius(8)</a>,
was not checking the shared secret used for replies sent by the radius server.
This could allow an attacker to spoof a reply granting access to the
attacker. Note that OpenBSD does not ship with radius authentication enabled.
<br>
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/020_radius.patch">
A source code patch exists which remedies this problem</a>.<br>
<p>
<li><a name="xpm"></a>
<font color="#009000"><strong>019: SECURITY FIX: September 16, 2004</strong></font><br>
Chris Evans reported several flaws (stack and integer overflows) in the
<a href="http://www.inria.fr/koala/lehors/xpm.html">Xpm</a>
library code that parses image files
(<a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0687">CAN-2004-0687</a>,
<a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0688">CAN-2004-0688</a>).
Some of these would be exploitable when parsing malicious image files in
an application that handles XPM images, if they could escape ProPolice.
<br>
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/019_xpm.patch">
A source code patch exists which remedies this problem</a>.<br>
<p>
<li><a name="httpd2"></a>
<font color="#009000"><strong>018: SECURITY FIX: September 10, 2004</strong></font><br>
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=httpd&apropos=0&sektion=8&manpath=OpenBSD+Current&arch=i386&format=html">httpd(8)</a>
's mod_rewrite module can be made to write one zero byte in an arbitrary memory
position outside of a char array, causing a DoS or possibly buffer overflows.
This would require enabling dbm for mod_rewrite and making use of a malicious
dbm file.
<br>
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/018_httpd2.patch">
A source code patch exists which remedies this problem</a>.<br>
<p>
<li><a name="libz"></a>
<font color="#009000"><strong>017: RELIABILITY FIX: August 29, 2004</strong></font><br>
Due to incorrect error handling in zlib an attacker could potentially cause a Denial
of Service attack.
<a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0797">CAN-2004-0797</a>
.
<br>
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/017_libz.patch">
A source code patch exists which remedies this problem</a>.<br>
<p>
<li><a name="bridge"></a>
<font color="#009000"><strong>016: RELIABILITY FIX: August 26, 2004</strong></font><br>
As
<a href="http://marc.info/?l=bugtraq&m=109345131508824&w=2">reported</a>
by Vafa Izadinia
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=bridge&apropos=0&sektion=4&manpath=OpenBSD+Current&arch=i386&format=html">bridge(4)</a>
with IPsec processing enabled can be crashed remotely by a single ICMP echo traversing the bridge.
<br>
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/016_bridge.patch">
A source code patch exists which remedies this problem</a>.<br>
<p>
<li><a name="icmp"></a>
<font color="#009000"><strong>015: RELIABILITY FIX: August 25, 2004</strong></font><br>
Improved verification of ICMP errors in order to minimize the impact of ICMP attacks
against TCP.
<br>
<a href="http://www.gont.com.ar/drafts/icmp-attacks-against-tcp.html">http://www.gont.com.ar/drafts/icmp-attacks-against-tcp.html</a>
<br>
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/015_icmp.patch">
A source code patch exists which remedies this problem</a>.<br>
<p>
<li><a name="rnd"></a>
<font color="#009000"><strong>014: RELIABILITY FIX: July 25, 2004</strong></font><br>
Under a certain network load the kernel can run out of stack space. This was
encountered in an environment using CARP on a VLAN interface. This issue initially
manifested itself as a FPU related crash on boot up.
<br>
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/014_rnd.patch">
A source code patch exists which remedies this problem</a>.<br>
<p>
<li><a name="httpd"></a>
<font color="#009000"><strong>013: SECURITY FIX: June 12, 2004</strong></font><br>
Multiple vulnerabilities have been found in
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=httpd&apropos=0&sektion=8&manpath=OpenBSD+Current&arch=i386&format=html">httpd(8)</a>
/ mod_ssl.
<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0020">CAN-2003-0020</a>,
<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0987">CAN-2003-0987</a>,
<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0488">CAN-2004-0488</a>,
<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0492">CAN-2004-0492</a>.
<br>
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/013_httpd.patch">
A source code patch exists which remedies this problem</a>.<br>
<p>
<li><a name="isakmpd"></a>
<font color="#009000"><strong>012: SECURITY FIX: June 10, 2004</strong></font><br>
As
<a href="http://seclists.org/lists/fulldisclosure/2004/Jun/0191.html">disclosed</a>
by Thomas Walpuski
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=isakmpd&apropos=0&sektion=8&manpath=OpenBSD+Current&arch=i386&format=html">isakmpd(8)</a>
is still vulnerable to unauthorized SA deletion. An attacker can delete IPsec
tunnels at will.
<br>
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/012_isakmpd.patch">
A source code patch exists which remedies this problem</a>.<br>
<p>
<li><a name="cvs3"></a>
<font color="#009000"><strong>011: SECURITY FIX: June 9, 2004</strong></font><br>
Multiple remote vulnerabilities have been found in the
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cvs&apropos=0&sektion=1&manpath=OpenBSD+Current&arch=i386&format=html">cvs(1)</a>
server that allow an attacker to crash the server or possibly execute arbitrary
code with the same privileges as the CVS server program.
<br>
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/011_cvs3.patch">
A source code patch exists which remedies this problem</a>.<br>
<p>
<li><a name="fifofs"></a>
<font color="#009000"><strong>010: RELIABILITY FIX: June 9, 2004</strong></font><br>
A FIFO bug was introduced in OpenBSD 3.5 that occurs when a FIFO is opened in
non-blocking mode for writing when there are no processes reading the FIFO.
One program affected by this is the <a href="http://www.qmail.org/">qmail</a>
mail server which could go into an infinite loop and consume all CPU.
<br>
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/010_fifofs.patch">
A source code patch exists which remedies this problem</a>.<br>
<p>
<li><a name="kerberos"></a>
<font color="#00900"><strong>009: SECURITY FIX: May 30,
2004</strong></font><br>
A flaw in the Kerberos V <a
href="http://www.openbsd.org/cgi-bin/man.cgi?query=kdc">kdc(8)</a>
server could result in the administrator of a Kerberos realm having
the ability to impersonate any principal in any other realm which
has established a cross-realm trust with their realm. The flaw is due to
inadequate checking of the "transited" field in a Kerberos request. For
more details see <a href="http://www.pdc.kth.se/heimdal/advisory/2004-04-01/">
Heimdal's announcement</a>.
<br>
<a
href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/009_kerberos.patch">
A source code patch exists which remedies this problem</a>.<br>
<p>
<li><a name="xdm"></a>
<font color="#00900"><strong>008: SECURITY FIX: May 26,
2004</strong></font><br>
With the introduction of IPv6 code in
<a
href="http://www.openbsd.org/cgi-bin/man.cgi?query=xdm&apropos=0&sektion=0&manpath=OpenBSD+Current&arch=i386&format=html">xdm(1)</a>,
one test on the 'requestPort' resource was deleted by accident. This
makes xdm create the chooser socket even if xdmcp is disabled in
xdm-config, by setting requestPort to 0. See
<a href="http://bugs.xfree86.org/show_bug.cgi?id=1376">XFree86
bugzilla</a> for details.
<br>
<a
href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/008_xdm.patch">
A source code patch exists which remedies this problem</a>.<br>
<p>
<li><a name="cvs2"></a>
<font color="#009000"><strong>007: SECURITY FIX: May 20,
2004</strong></font><br>
A heap overflow in the
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cvs&apropos=0&sektion=1&manpath=OpenBSD+Current&arch=i386&format=html">cvs(1)</a>
server has been discovered that can be exploited by clients sending
malformed requests, enabling these clients to run arbitrary code
with the same privileges as the CVS server program.
<br>
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/007_cvs2.patch">
A source code patch exists which remedies this problem</a>.<br>
<p>
<li><a name="procfs"></a>
<font color="#009000"><strong>006: SECURITY FIX: May 13,
2004</strong></font><br>
Check for integer overflow in procfs. Use of procfs is not recommended.
<br>
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/006_procfs.patch">
A source code patch exists which remedies this problem</a>.<br>
<p>
<li><a name="tcp"></a>
<font color="#009000"><strong>005: RELIABILITY FIX: May 6,
2004</strong></font><br>
Reply to in-window SYN with a rate-limited ACK.
<br>
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/005_tcp.patch">
A source code patch exists which remedies this problem</a>.<br>
<p>
<li><a name="scsi"></a>
<font color="#009000"><strong>004: RELIABILITY FIX: May 5,
2004</strong></font><br>
Restore the ability to negotiate tags/wide/sync with some SCSI controllers ( i.e.
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=siop&apropos=0&sektion=4&manpath=OpenBSD+Current&arch=i386&format=html">siop(4)</a>,
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=trm&apropos=0&sektion=4&manpath=OpenBSD+Current&arch=i386&format=html">trm(4)</a>,
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=iha&apropos=0&sektion=4&manpath=OpenBSD+Current&arch=i386&format=html">iha(4)</a>
).
<br>
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/004_scsi.patch">
A source code patch exists which remedies this problem</a>.<br>
<p>
<li><a name="gdt"></a>
<font color="#009000"><strong>003: RELIABILITY FIX: May 5,
2004</strong></font><br>
Under load "recent model"
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=gdt&apropos=0&sektion=4&manpath=OpenBSD+Current&arch=i386&format=html">gdt(4)</a>
controllers will lock up.
<br>
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/003_gdt.patch">
A source code patch exists which remedies this problem</a>.<br>
<p>
<li><a name="cvs"></a>
<font color="#009000"><strong>002: SECURITY FIX: May 5,
2004</strong></font><br>
Pathname validation problems have been found in
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cvs&apropos=0&sektion=1&manpath=OpenBSD+Current&arch=i386&format=html">cvs(1)</a>,
allowing malicious clients to create files outside the repository, allowing
malicious servers to overwrite files outside the local CVS tree on
the client and allowing clients to check out files outside the CVS
repository.
<br>
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/002_cvs.patch">
A source code patch exists which remedies this problem</a>.<br>
<p>
</ul>
<p>
<a name="i386"></a>
<h3><font color="#e00000">i386</font></h3>
<ul>
<li><a name="locore"></a>
<font color="#009000"><strong>028: SECURITY FIX: February 28, 2005</strong></font><br>
More stringent checking should be done in the
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=copy&apropos=0&sektion=9&manpath=OpenBSD+Current&arch=i386&format=html">copy(9)</a>
functions to prevent their misuse.
<br>
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.5/i386/028_locore.patch">
A source code patch exists which remedies this problem</a>.<br>
<p>
</ul>
<p>
<a name="alpha"></a>
<h3><font color="#e00000">alpha</font></h3>
<ul>
<li>No problems identified yet.
</ul>
<p>
<a name="amd64"></a>
<h3><font color="#e00000">amd64</font></h3>
<ul>
<li><a name="copy"></a>
<font color="#009000"><strong>029: SECURITY FIX: March 16, 2005</strong></font><br>
More stringent checking should be done in the
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=copy&apropos=0&sektion=9&manpath=OpenBSD+Current&arch=i386&format=html">copy(9)</a>
functions to prevent their misuse.
<br>
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.5/amd64/029_copy.patch">
A source code patch exists which remedies this problem</a>.<br>
<p>
</ul>
<p>
<a name="cats"></a>
<h3><font color="#e00000">cats</font></h3>
<ul>
<li>No problems identified yet.
</ul>
<p>
<a name="mac68k"></a>
<h3><font color="#e00000">mac68k</font></h3>
<ul>
<li>No problems identified yet.
</ul>
<p>
<a name="sparc"></a>
<h3><font color="#e00000">sparc</font></h3>
<ul>
<li>No problems identified yet.
</ul>
<p>
<a name="sparc64"></a>
<h3><font color="#e00000">sparc64</font></h3>
<ul>
<li>No problems identified yet.
</ul>
<p>
<a name="hppa"></a>
<h3><font color="#e00000">hppa</font></h3>
<ul>
<li>No problems identified yet.
</ul>
<p>
<a name="hp300"></a>
<h3><font color="#e00000">hp300</font></h3>
<ul>
<li>No problems identified yet.
</ul>
<p>
<a name="mvme68k"></a>
<h3><font color="#e00000">mvme68k</font></h3>
<ul>
<li>No problems identified yet.
</ul>
<p>
<a name="mvme88k"></a>
<h3><font color="#e00000">mvme88k</font></h3>
<ul>
<li>No problems identified yet.
</ul>
<p>
<a name="macppc"></a>
<h3><font color="#e00000">macppc</font></h3>
<ul>
<li><a name="autobook_package"></a>
<font color="#009000"><strong>001: BROKEN PACKAGE ON CD: May 4, 2004</strong></font><br>
The powerpc autobook-1.3.tgz package found on CD2 has been found to be corrupt,
and will not extract.
A replacement package can be found on the ftp sites.
<p>
</ul>
<p>
<a name="vax"></a>
<h3><font color="#e00000">vax</font></h3>
<ul>
<li>No problems identified yet.
</ul>
<br>
<hr>
<a href=stable.html>For OpenBSD patch branch information, please refer here.</a><br>
<a href=pkg-stable35.html>For important packages updates, please refer here.</a><br>
<br>
For errata on a certain release, click below:<br>
<a href="errata21.html">2.1</a>,
<a href="errata22.html">2.2</a>,
<a href="errata23.html">2.3</a>,
<a href="errata24.html">2.4</a>,
<a href="errata25.html">2.5</a>,
<a href="errata26.html">2.6</a>,
<a href="errata27.html">2.7</a>,
<a href="errata28.html">2.8</a>,
<a href="errata29.html">2.9</a>,
<a href="errata30.html">3.0</a>,
<a href="errata31.html">3.1</a>,
<a href="errata32.html">3.2</a>,
<a href="errata33.html">3.3</a>,
<a href="errata34.html">3.4</a>,
<a href="errata36.html">3.6</a>,
<br>
<a href="errata37.html">3.7</a>,
<a href="errata38.html">3.8</a>,
<a href="errata39.html">3.9</a>,
<a href="errata40.html">4.0</a>,
<a href="errata41.html">4.1</a>,
<a href="errata42.html">4.2</a>,
<a href="errata43.html">4.3</a>,
<a href="errata44.html">4.4</a>,
<a href="errata45.html">4.5</a>,
<a href="errata46.html">4.6</a>,
<a href="errata47.html">4.7</a>,
<a href="errata48.html">4.8</a>.
<br>
<hr>
<a href=index.html><img height=24 width=24 src=back.gif border=0 alt=OpenBSD></a>
<a href="mailto:www@openbsd.org">www@openbsd.org</a>
<br><small>$OpenBSD: errata35.html,v 1.37 2010/11/02 17:55:47 deraadt Exp $</small>
</body>
</html>
![[BACK]](/icons/back.gif){kind=icon}
Return to errata35.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www