www/errata37.html - diff

Return to errata37.html CVS log

Up to [local] / www

Diff for /www/errata37.html between version 1.40 and 1.41

version 1.40, 2014/03/31 03:12:47

version 1.41, 2014/03/31 16:02:48

Line 79

<ul>

013: SECURITY FIX: May 2, 2006   All architectures

013: SECURITY FIX: May 2, 2006

All architectures

A security vulnerability has been found in the X.Org server --

<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1526">CVE-2006-1526</a>.

Clients authorized to connect to the X server are able to crash it and to execute

Line 90

Line 91

012: SECURITY FIX: March 25, 2006   All architectures

012: SECURITY FIX: March 25, 2006

All architectures

A race condition has been reported to exist in the handling by sendmail of

asynchronous signals. A remote attacker may be able to execute arbitrary code with the

privileges of the user running sendmail, typically root.

Line 100

Line 102

011: SECURITY FIX: February 12, 2006   All architectures

011: SECURITY FIX: February 12, 2006

All architectures

Josh Bressers has reported a weakness in OpenSSH caused due to the insecure use of the

<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=system&sektion=3">system(3)</a>

function in

Line 114

Line 117

010: RELIABILITY FIX: January 13, 2006   i386 architecture

010: RELIABILITY FIX: January 13, 2006

i386 architecture

Constrain

<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=i386_set_ioperm&arch=i386&sektion=2">i386_set_ioperm(2)</a>

so even root is blocked from accessing the ioports

Line 125

Line 129

009: RELIABILITY FIX: January 13, 2006   i386 architecture

009: RELIABILITY FIX: January 13, 2006

i386 architecture

Change the implementation of i386 W^X so that the "execute line" can move around.

Before it was limited to being either at 512MB (below which all code normally

lands) or at the top of the stack. Now the line can float as

Line 140

Line 145

008: SECURITY FIX: January 5, 2006   All architectures

008: SECURITY FIX: January 5, 2006

All architectures

Do not allow users to trick suid programs into re-opening files via /dev/fd.

Line 148

Line 154

007: SECURITY FIX: January 5, 2006   All architectures

007: SECURITY FIX: January 5, 2006

All architectures

A buffer overflow has been found in the Perl interpreter with the sprintf function which

may be exploitable under certain conditions.

Line 157

Line 164

006: RELIABILITY FIX: November 5, 2005   All architectures

006: RELIABILITY FIX: November 5, 2005

All architectures

Due to wrong advertisement of RFC 3947 compliance interoperability problems with

<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=isakmpd&sektion=8">isakmpd(8)</a>

may occur.

Line 167

Line 175

005: SECURITY FIX: July 21, 2005   All architectures

005: SECURITY FIX: July 21, 2005

All architectures

A buffer overflow has been found in

<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=compress&sektion=3">compress(3)</a>

which may be exploitable.

Line 178

Line 187

004: SECURITY FIX: July 6, 2005   All architectures

004: SECURITY FIX: July 6, 2005

All architectures

A buffer overflow has been found in

<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=compress&sektion=3">compress(3)</a>

which may be exploitable.

Line 188

Line 198

003: SECURITY FIX: June 20, 2005   All architectures

003: SECURITY FIX: June 20, 2005

All architectures

Due to a race condition in its command pathname handling, a user with

privileges may be able to run arbitrary commands if the user's entry

Line 200

Line 211

002: RELIABILITY FIX: June 15, 2005   All architectures

002: RELIABILITY FIX: June 15, 2005

All architectures

As discovered by Stefan Miltchev calling

<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=getsockopt&sektion=2">getsockopt(2)</a>

to get

Line 212

Line 224

001: SECURITY FIX: June 7, 2005   All architectures

001: SECURITY FIX: June 7, 2005

All architectures

Fix a buffer overflow, memory leaks, and NULL pointer dereference in