
Diff for /www/errata37.html between version 1.57 and 1.58

version 1.57, 2016/08/15 02:22:06 version 1.58, 2016/10/16 19:11:29
Line 70 
Line 70 
 <br>  <br>
 <hr>  <hr>
   
 <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.7.tar.gz">  <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/3.7.tar.gz">
 You can also fetch a tar.gz file containing all the following patches</a>.  You can also fetch a tar.gz file containing all the following patches</a>.
 This file is updated once a day.  This file is updated once a day.
 <p>  <p>
Line 95 
Line 95 
 Clients authorized to connect to the X server are able to crash it and to execute  Clients authorized to connect to the X server are able to crash it and to execute
 malicious code within the X server.  malicious code within the X server.
 <br>  <br>
 <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/013_xorg.patch">  <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/013_xorg.patch">
 A source code patch exists which remedies this problem.</a>  A source code patch exists which remedies this problem.</a>
 <p>  <p>
   
Line 106 
Line 106 
 asynchronous signals. A remote attacker may be able to execute arbitrary code with the  asynchronous signals. A remote attacker may be able to execute arbitrary code with the
 privileges of the user running sendmail, typically root.  privileges of the user running sendmail, typically root.
 <br>  <br>
 <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/012_sendmail.patch">  <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/012_sendmail.patch">
 A source code patch exists which remedies this problem.</a>  A source code patch exists which remedies this problem.</a>
 <p>  <p>
   
Line 121 
Line 121 
 This can be exploited to execute shell commands with privileges of the user running  This can be exploited to execute shell commands with privileges of the user running
 <a href="http://man.openbsd.org/?query=scp&amp;sektion=1">scp(1)</a>.  <a href="http://man.openbsd.org/?query=scp&amp;sektion=1">scp(1)</a>.
 <br>  <br>
 <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/011_ssh.patch">  <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/011_ssh.patch">
 A source code patch exists which remedies this problem.</a>  A source code patch exists which remedies this problem.</a>
 <p>  <p>
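Review bot: The scp(1) link in this hunk, `http://man.openbsd.org/?query=scp&amp;sektion=1`, stays on plain http while the patch link two lines below it moves to https. If man.openbsd.org is served over https, switch it in the same commit so the entry does not mix schemes.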
   
Line 133 
Line 133 
 so even root is blocked from accessing the ioports  so even root is blocked from accessing the ioports
 unless the machine is running at lower securelevels or with an open X11 aperture.  unless the machine is running at lower securelevels or with an open X11 aperture.
 <br>  <br>
 <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.7/i386/010_i386machdep.patch">  <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/3.7/i386/010_i386machdep.patch">
 A source code patch exists which remedies this problem.</a>  A source code patch exists which remedies this problem.</a>
 <p>  <p>
   
Line 149 
Line 149 
 requests need it to. This is now implemented using only GDT selectors  requests need it to. This is now implemented using only GDT selectors
 instead of the LDT so that it is more robust as well.  instead of the LDT so that it is more robust as well.
 <br>  <br>
 <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.7/i386/009_i386pmap.patch">  <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/3.7/i386/009_i386pmap.patch">
 A source code patch exists which remedies this problem.</a>  A source code patch exists which remedies this problem.</a>
 <p>  <p>
   
Line 158 
Line 158 
 &nbsp; <i>All architectures</i><br>  &nbsp; <i>All architectures</i><br>
 Do not allow users to trick suid programs into re-opening files via /dev/fd.  Do not allow users to trick suid programs into re-opening files via /dev/fd.
 <br>  <br>
 <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/008_fd.patch">  <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/008_fd.patch">
 A source code patch exists which remedies this problem.</a>  A source code patch exists which remedies this problem.</a>
 <p>  <p>
   
Line 168 
Line 168 
 A buffer overflow has been found in the Perl interpreter with the sprintf function which  A buffer overflow has been found in the Perl interpreter with the sprintf function which
 may be exploitable under certain conditions.  may be exploitable under certain conditions.
 <br>  <br>
 <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/007_perl.patch">  <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/007_perl.patch">
 A source code patch exists which remedies this problem.</a>  A source code patch exists which remedies this problem.</a>
 <p>  <p>
   
Line 179 
Line 179 
 <a href="http://man.openbsd.org/?query=isakmpd&sektion=8">isakmpd(8)</a>  <a href="http://man.openbsd.org/?query=isakmpd&sektion=8">isakmpd(8)</a>
 may occur.  may occur.
 <br>  <br>
 <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/006_nat-t.patch">  <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/006_nat-t.patch">
 A source code patch exists which remedies this problem.</a>  A source code patch exists which remedies this problem.</a>
 <p>  <p>
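Review bot: The isakmpd(8) href in this hunk carries a raw `&` (`?query=isakmpd&sektion=8`), whereas the scp(1) link in the Line 121 hunk escapes it as `&amp;`. Escape it here as well while touching these entries; the compress(3) and ipsec(4) links in the Line 202 and Line 228 hunks have the same unescaped form, and all three still point at http.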
   
Line 191 
Line 191 
 which may be exploitable.<br>  which may be exploitable.<br>
 Please note that this fixes a different buffer overflow than the <a href="#libz">previous</a> zlib patch.  Please note that this fixes a different buffer overflow than the <a href="#libz">previous</a> zlib patch.
 <br>  <br>
 <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/005_libz.patch">  <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/005_libz.patch">
 A source code patch exists which remedies this problem.</a>  A source code patch exists which remedies this problem.</a>
 <p>  <p>
   
Line 202 
Line 202 
 <a href="http://man.openbsd.org/?query=compress&sektion=3">compress(3)</a>  <a href="http://man.openbsd.org/?query=compress&sektion=3">compress(3)</a>
 which may be exploitable.  which may be exploitable.
 <br>  <br>
 <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/004_libz.patch">  <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/004_libz.patch">
 A source code patch exists which remedies this problem.</a>  A source code patch exists which remedies this problem.</a>
 <p>  <p>
   
Line 215 
Line 215 
 is followed by an entry that grants <tt>sudo ALL</tt> privileges to  is followed by an entry that grants <tt>sudo ALL</tt> privileges to
 another user.  another user.
 <br>  <br>
 <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/003_sudo.patch">  <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/003_sudo.patch">
 A source code patch exists which remedies this problem.</a>  A source code patch exists which remedies this problem.</a>
 <p>  <p>
   
Line 228 
Line 228 
 <a href="http://man.openbsd.org/?query=ipsec&sektion=4">ipsec(4)</a>  <a href="http://man.openbsd.org/?query=ipsec&sektion=4">ipsec(4)</a>
 credentials for a socket can result in a kernel panic.  credentials for a socket can result in a kernel panic.
 <br>  <br>
 <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/002_getsockopt.patch">  <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/002_getsockopt.patch">
 A source code patch exists which remedies this problem.</a>  A source code patch exists which remedies this problem.</a>
 <p>  <p>
   
Line 242 
Line 242 
 <a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0753">CAN-2005-0753</a>  <a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0753">CAN-2005-0753</a>
 .  .
 <br>  <br>
 <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/001_cvs.patch">  <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/001_cvs.patch">
 A source code patch exists which remedies this problem.</a>  A source code patch exists which remedies this problem.</a>
 <p>  <p>
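Review bot: The CAN-2005-0753 reference at the top of this hunk still points at `http://www.cve.mitre.org/...`; only the ftp.openbsd.org link is converted. If external references are deliberately out of scope for this change that is fine, otherwise convert it in the same pass so the entry is consistent.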
   
