www/errata38.html - diff - 1.44

Return to errata38.html CVS log

Up to [local] / www

Diff for /www/errata38.html between version 1.43 and 1.44

version 1.43, 2014/03/28 03:04:30

version 1.44, 2014/03/31 03:12:47

Line 6

Line 6

<meta name="description" content="the OpenBSD CD errata page">

<meta name="description" content="the OpenBSD CD errata page">

<meta name="keywords" content="openbsd,cd,errata">

<meta name="keywords" content="openbsd,cd,errata">

<meta name="distribution" content="global">

<meta name="distribution" content="global">

<meta name="copyright" content="This document copyright 1997-2004 by OpenBSD.">

<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">

<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">

</head>

</head>

Line 65

Line 64

<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.8.tar.gz">

<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.8.tar.gz">

You can also fetch a tar.gz file containing all the following patches</a>.

You can also fetch a tar.gz file containing all the following patches</a>.

This file is updated once a day.

This file is updated once a day.

<p>

<p> The patches below are available in CVS via the

The patches below are available in CVS via the

<code>OPENBSD_3_8</code> <a href="stable.html">patch branch</a>.

<code>OPENBSD_3_8</code> <a href="stable.html">patch branch</a>.

<p>

<p>

For more detailed information on how to install patches to OpenBSD, please

For more detailed information on how to install patches to OpenBSD, please

consult the <a href="./faq/faq10.html#Patches">OpenBSD FAQ</a>.

consult the <a href="./faq/faq10.html#Patches">OpenBSD FAQ</a>.

<p>

<hr>

<hr>

<a name="all"></a>

<a name="alpha"></a>

<a name="amd64"></a>

<a name="cats"></a>

<a name="hp300"></a>

<a name="hppa"></a>

<a name="i386"></a>

<a name="mac68k"></a>

<a name="macppc"></a>

<a name="mvme68k"></a>

<a name="mvme88k"></a>

<a name="sparc"></a>

<a name="sparc64"></a>

<a name="vax"></a>

<ul>

<ul>

<li><a name="ssh2"></a>

<li><a name="ssh2"></a>

Line 103

Line 90

<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5051">CVE-2006-5051</a>

<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5051">CVE-2006-5051</a>

<br>

<br>

<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/020_ssh2.patch">

<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/020_ssh2.patch">

A source code patch exists which remedies this problem</a>.<br>

A source code patch exists which remedies this problem.</a>

<p>

<p>

<li><a name="systrace"></a>

<li><a name="systrace"></a>

Line 115

Line 102

privilege escalation.

privilege escalation.

<br>

<br>

<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/019_systrace.patch">

<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/019_systrace.patch">

A source code patch exists which remedies this problem</a>.<br>

A source code patch exists which remedies this problem.</a>

<p>

<p>

<li><a name="openssl2"></a>

<li><a name="openssl2"></a>

Line 132

Line 119

<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940">CVE-2006-2940</a>

<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940">CVE-2006-2940</a>

<br>

<br>

<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/018_openssl2.patch">

<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/018_openssl2.patch">

A source code patch exists which remedies this problem</a>.<br>

A source code patch exists which remedies this problem.</a>

<p>

<p>

<li><a name="httpd2"></a>

<li><a name="httpd2"></a>

Line 144

Line 131

<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3918">CVE-2006-3918</a>

<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3918">CVE-2006-3918</a>

<br>

<br>

<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/017_httpd2.patch">

<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/017_httpd2.patch">

A source code patch exists which remedies this problem</a>.<br>

A source code patch exists which remedies this problem.</a>

<p>

<p>

<li><a name="openssl"></a>

<li><a name="openssl"></a>

Line 155

Line 142

<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339">CVE-2006-4339</a>

<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339">CVE-2006-4339</a>

<br>

<br>

<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/016_openssl.patch">

<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/016_openssl.patch">

A source code patch exists which remedies this problem</a>.<br>

A source code patch exists which remedies this problem.</a>

<p>

<p>

<li><a name="bind"></a>

<li><a name="bind"></a>

Line 171

Line 158

<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4096">CVE-2006-4096</a>

<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4096">CVE-2006-4096</a>

<br>

<br>

<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/015_bind.patch">

<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/015_bind.patch">

A source code patch exists which remedies this problem</a>.<br>

A source code patch exists which remedies this problem.</a>

<p>

<p>

<li><a name="sppp"></a>

<li><a name="sppp"></a>

Line 183

Line 170

<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4304">CVE-2006-4304</a>

<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4304">CVE-2006-4304</a>

<br>

<br>

<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/014_sppp.patch">

<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/014_sppp.patch">

A source code patch exists which remedies this problem</a>.<br>

A source code patch exists which remedies this problem.</a>

<p>

<p>

<li><a name="isakmpd"></a>

<li><a name="isakmpd"></a>

Line 197

Line 184

replay counter.

replay counter.

<br>

<br>

<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/013_isakmpd.patch">

<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/013_isakmpd.patch">

A source code patch exists which remedies this problem</a>.<br>

A source code patch exists which remedies this problem.</a>

<p>

<p>

<li><a name="sem"></a>

<li><a name="sem"></a>

Line 206

Line 193

sempahores have been allocated.

sempahores have been allocated.

<br>

<br>

<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/012_sem.patch">

<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/012_sem.patch">

A source code patch exists which remedies this problem</a>.<br>

A source code patch exists which remedies this problem.</a>

<p>

<p>

<li><a name="dhcpd"></a>

<li><a name="dhcpd"></a>

Line 219

Line 206

<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3122">CVE-2006-3122</a>

<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3122">CVE-2006-3122</a>

<br>

<br>

<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/011_dhcpd.patch">

<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/011_dhcpd.patch">

A source code patch exists which remedies this problem</a>.<br>

A source code patch exists which remedies this problem.</a>

<p>

<p>

<li><a name="sendmail3"></a>

<li><a name="sendmail3"></a>

Line 229

Line 216

sendmail to crash.

sendmail to crash.

<br>

<br>

<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/010_sendmail3.patch">

<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/010_sendmail3.patch">

A source code patch exists which remedies this problem</a>.<br>

A source code patch exists which remedies this problem.</a>

<p>

<p>

<li><a name="httpd"></a>

<li><a name="httpd"></a>

Line 242

Line 229

buffer overflow. CVE-2006-3747

buffer overflow. CVE-2006-3747

<br>

<br>

<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/009_httpd.patch">

<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/009_httpd.patch">

A source code patch exists which remedies this problem</a>.<br>

A source code patch exists which remedies this problem.</a>

<p>

<p>

<li><a name="sendmail2"></a>

<li><a name="sendmail2"></a>

Line 255

Line 242

malformed MIME message exists.

malformed MIME message exists.

<br>

<br>

<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/008_sendmail2.patch">

<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/008_sendmail2.patch">

A source code patch exists which remedies this problem</a>.<br>

A source code patch exists which remedies this problem.</a>

<p>

<p>

<li><a name="xorg"></a>

<li><a name="xorg"></a>

Line 266

Line 253

malicious code within the X server.

malicious code within the X server.

<br>

<br>

<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/007_xorg.patch">

<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/007_xorg.patch">

A source code patch exists which remedies this problem</a>.<br>

A source code patch exists which remedies this problem.</a>

<p>

<p>

<li><a name="sendmail"></a>

<li><a name="sendmail"></a>

Line 276

Line 263

privileges of the user running sendmail, typically root.

privileges of the user running sendmail, typically root.

<br>

<br>

<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/006_sendmail.patch">

<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/006_sendmail.patch">

A source code patch exists which remedies this problem</a>.<br>

A source code patch exists which remedies this problem.</a>

<p>

<p>

<li><a name="ssh"></a>

<li><a name="ssh"></a>

Line 290

Line 277

<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=scp&sektion=1">scp(1)</a>.

<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=scp&sektion=1">scp(1)</a>.

<br>

<br>

<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/005_ssh.patch">

<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/005_ssh.patch">

A source code patch exists which remedies this problem</a>.<br>

A source code patch exists which remedies this problem.</a>

<p>

<p>

<li><a name="i386machdep"></a>

<li><a name="i386machdep"></a>

Line 301

Line 288

unless the machine is running at lower securelevels or with an open X11 aperture.

unless the machine is running at lower securelevels or with an open X11 aperture.

<br>

<br>

<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.8/i386/004_i386machdep.patch">

<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.8/i386/004_i386machdep.patch">

A source code patch exists which remedies this problem</a>.<br>

A source code patch exists which remedies this problem.</a>

<p>

<p>

<li><a name="i386pmap"></a>

<li><a name="i386pmap"></a>

Line 316

Line 303

instead of the LDT so that it is more robust as well.

instead of the LDT so that it is more robust as well.

<br>

<br>

<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.8/i386/003_i386pmap.patch">

<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.8/i386/003_i386pmap.patch">

A source code patch exists which remedies this problem</a>.<br>

A source code patch exists which remedies this problem.</a>

<p>

<p>

<li><a name="fd"></a>

<li><a name="fd"></a>

Line 324

Line 311

Do not allow users to trick suid programs into re-opening files via /dev/fd.

Do not allow users to trick suid programs into re-opening files via /dev/fd.

<br>

<br>

<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/002_fd.patch">

<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/002_fd.patch">

A source code patch exists which remedies this problem</a>.<br>

A source code patch exists which remedies this problem.</a>

<p>

<p>

<li><a name="perl"></a>

<li><a name="perl"></a>

Line 333

Line 320

may be exploitable under certain conditions.

may be exploitable under certain conditions.

<br>

<br>

<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/001_perl.patch">

<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/001_perl.patch">

A source code patch exists which remedies this problem</a>.<br>

A source code patch exists which remedies this problem.</a>

<p>

<p>

</ul>

</ul>