Return to errata37.html CVS log | Up to [local] / www |
version 1.57, 2016/08/15 02:22:06 | version 1.58, 2016/10/16 19:11:29 | ||
---|---|---|---|
|
|
||
<br> | <br> | ||
<hr> | <hr> | ||
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.7.tar.gz"> | <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/3.7.tar.gz"> | ||
You can also fetch a tar.gz file containing all the following patches</a>. | You can also fetch a tar.gz file containing all the following patches</a>. | ||
This file is updated once a day. | This file is updated once a day. | ||
<p> | <p> | ||
|
|
||
Clients authorized to connect to the X server are able to crash it and to execute | Clients authorized to connect to the X server are able to crash it and to execute | ||
malicious code within the X server. | malicious code within the X server. | ||
<br> | <br> | ||
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/013_xorg.patch"> | <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/013_xorg.patch"> | ||
A source code patch exists which remedies this problem.</a> | A source code patch exists which remedies this problem.</a> | ||
<p> | <p> | ||
|
|
||
asynchronous signals. A remote attacker may be able to execute arbitrary code with the | asynchronous signals. A remote attacker may be able to execute arbitrary code with the | ||
privileges of the user running sendmail, typically root. | privileges of the user running sendmail, typically root. | ||
<br> | <br> | ||
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/012_sendmail.patch"> | <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/012_sendmail.patch"> | ||
A source code patch exists which remedies this problem.</a> | A source code patch exists which remedies this problem.</a> | ||
<p> | <p> | ||
|
|
||
This can be exploited to execute shell commands with privileges of the user running | This can be exploited to execute shell commands with privileges of the user running | ||
<a href="http://man.openbsd.org/?query=scp&sektion=1">scp(1)</a>. | <a href="http://man.openbsd.org/?query=scp&sektion=1">scp(1)</a>. | ||
<br> | <br> | ||
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/011_ssh.patch"> | <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/011_ssh.patch"> | ||
A source code patch exists which remedies this problem.</a> | A source code patch exists which remedies this problem.</a> | ||
<p> | <p> | ||
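Review bot: The scp(1) link in this hunk (`http://man.openbsd.org/?query=scp&sektion=1`) is left on plain http while the 011_ssh.patch link directly below it moves to https, so the entry ends up with mixed schemes. If man.openbsd.org is served over TLS, convert it in the same commit. The isakmpd(8), compress(3) and ipsec(4) links in the later hunks are in the same state.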
|
|
||
so even root is blocked from accessing the ioports | so even root is blocked from accessing the ioports | ||
unless the machine is running at lower securelevels or with an open X11 aperture. | unless the machine is running at lower securelevels or with an open X11 aperture. | ||
<br> | <br> | ||
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.7/i386/010_i386machdep.patch"> | <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/3.7/i386/010_i386machdep.patch"> | ||
A source code patch exists which remedies this problem.</a> | A source code patch exists which remedies this problem.</a> | ||
<p> | <p> | ||
|
|
||
requests need it to. This is now implemented using only GDT selectors | requests need it to. This is now implemented using only GDT selectors | ||
instead of the LDT so that it is more robust as well. | instead of the LDT so that it is more robust as well. | ||
<br> | <br> | ||
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.7/i386/009_i386pmap.patch"> | <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/3.7/i386/009_i386pmap.patch"> | ||
A source code patch exists which remedies this problem.</a> | A source code patch exists which remedies this problem.</a> | ||
<p> | <p> | ||
|
|
||
<i>All architectures</i><br> | <i>All architectures</i><br> | ||
Do not allow users to trick suid programs into re-opening files via /dev/fd. | Do not allow users to trick suid programs into re-opening files via /dev/fd. | ||
<br> | <br> | ||
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/008_fd.patch"> | <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/008_fd.patch"> | ||
A source code patch exists which remedies this problem.</a> | A source code patch exists which remedies this problem.</a> | ||
<p> | <p> | ||
|
|
||
A buffer overflow has been found in the Perl interpreter with the sprintf function which | A buffer overflow has been found in the Perl interpreter with the sprintf function which | ||
may be exploitable under certain conditions. | may be exploitable under certain conditions. | ||
<br> | <br> | ||
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/007_perl.patch"> | <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/007_perl.patch"> | ||
A source code patch exists which remedies this problem.</a> | A source code patch exists which remedies this problem.</a> | ||
<p> | <p> | ||
|
|
||
<a href="http://man.openbsd.org/?query=isakmpd&sektion=8">isakmpd(8)</a> | <a href="http://man.openbsd.org/?query=isakmpd&sektion=8">isakmpd(8)</a> | ||
may occur. | may occur. | ||
<br> | <br> | ||
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/006_nat-t.patch"> | <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/006_nat-t.patch"> | ||
A source code patch exists which remedies this problem.</a> | A source code patch exists which remedies this problem.</a> | ||
<p> | <p> | ||
|
|
||
which may be exploitable.<br> | which may be exploitable.<br> | ||
Please note that this fixes a different buffer overflow than the <a href="#libz">previous</a> zlib patch. | Please note that this fixes a different buffer overflow than the <a href="#libz">previous</a> zlib patch. | ||
<br> | <br> | ||
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/005_libz.patch"> | <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/005_libz.patch"> | ||
A source code patch exists which remedies this problem.</a> | A source code patch exists which remedies this problem.</a> | ||
<p> | <p> | ||
|
|
||
<a href="http://man.openbsd.org/?query=compress&sektion=3">compress(3)</a> | <a href="http://man.openbsd.org/?query=compress&sektion=3">compress(3)</a> | ||
which may be exploitable. | which may be exploitable. | ||
<br> | <br> | ||
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/004_libz.patch"> | <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/004_libz.patch"> | ||
A source code patch exists which remedies this problem.</a> | A source code patch exists which remedies this problem.</a> | ||
<p> | <p> | ||
|
|
||
is followed by an entry that grants <tt>sudo ALL</tt> privileges to | is followed by an entry that grants <tt>sudo ALL</tt> privileges to | ||
another user. | another user. | ||
<br> | <br> | ||
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/003_sudo.patch"> | <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/003_sudo.patch"> | ||
A source code patch exists which remedies this problem.</a> | A source code patch exists which remedies this problem.</a> | ||
<p> | <p> | ||
|
|
||
<a href="http://man.openbsd.org/?query=ipsec&sektion=4">ipsec(4)</a> | <a href="http://man.openbsd.org/?query=ipsec&sektion=4">ipsec(4)</a> | ||
credentials for a socket can result in a kernel panic. | credentials for a socket can result in a kernel panic. | ||
<br> | <br> | ||
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/002_getsockopt.patch"> | <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/002_getsockopt.patch"> | ||
A source code patch exists which remedies this problem.</a> | A source code patch exists which remedies this problem.</a> | ||
<p> | <p> | ||
|
|
||
<a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0753">CAN-2005-0753</a> | <a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0753">CAN-2005-0753</a> | ||
. | . | ||
<br> | <br> | ||
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/001_cvs.patch"> | <a href="https://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/001_cvs.patch"> | ||
A source code patch exists which remedies this problem.</a> | A source code patch exists which remedies this problem.</a> | ||
<p> | <p> | ||
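Review bot: The CAN-2005-0753 reference in this hunk (`http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0753`) stays on http while the 001_cvs.patch link is switched to https. Check whether that link can move to https as well. Separately, the period on its own line after the closing `</a>` renders with a space in front of it; pulling it up against the tag would fix that.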