www/errata39.html - diff

Return to errata39.html CVS log

Up to [local] / www

Diff for /www/errata39.html between version 1.69 and 1.70

version 1.69, 2019/04/02 12:46:57

version 1.70, 2019/05/27 22:55:20

Line 1

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">

<!doctype html>

<html>

<head>

<title>OpenBSD 3.9 Errata</title>

</head>

<!--

IMPORTANT REMINDER

IF YOU ADD A NEW ERRATUM, MAIL THE PATCH TO TECH AND ANNOUNCE

-->

<h2>

OpenBSD</a>

OpenBSD</a>

3.9 Errata

3.9 Errata

</h2>

<hr>

Line 88

Line 86

<ul>

023: STABILITY FIX: April 26, 2007

023: STABILITY FIX: April 26, 2007

PowerPC

An unhandled AltiVec assist exception can cause a kernel panic.

Line 96

Line 94

022: SECURITY FIX: April 23, 2007

022: SECURITY FIX: April 23, 2007

All architectures

IPv6 type 0 route headers can be used to mount a DoS attack against

hosts and networks. This is a design flaw in IPv6 and not a bug in

Line 106

Line 104

021: SECURITY FIX: April 4, 2007

021: SECURITY FIX: April 4, 2007

All architectures

Multiple vulnerabilities have been discovered in X.Org.

XC-MISC extension ProcXCMiscGetXIDList memory corruption vulnerability,

Line 124

Line 122

020: SECURITY FIX: March 7, 2007

020: SECURITY FIX: March 7, 2007

All architectures

2nd revision, March 17, 2007

2nd revision, March 17, 2007

Incorrect mbuf handling for ICMP6 packets.

Using

Line 139

Line 137

019: INTEROPERABILITY FIX: February 4, 2007

019: INTEROPERABILITY FIX: February 4, 2007

All architectures

A US daylight saving time rules change takes effect in 2007.

Line 148

Line 146

018: RELIABILITY FIX: January 16, 2007

018: RELIABILITY FIX: January 16, 2007

All architectures

Under some circumstances, processing an ICMP6 echo request would cause

the kernel to enter an infinite loop.

Line 158

Line 156

017: SECURITY FIX: January 3, 2007

017: SECURITY FIX: January 3, 2007

i386 only

Insufficient validation in

may allow an attacker to gain root privileges if the kernel is compiled with

<tt>option PCIAGP</tt>

<code>option PCIAGP</code>

and the actual device is not an AGP device.

The <tt>PCIAGP</tt> option is present by default on i386

The <code>PCIAGP</code> option is present by default on i386

kernels only.

Line 173

Line 171

016: SECURITY FIX: November 19, 2006

016: SECURITY FIX: November 19, 2006

All architectures

The ELF

Line 186

Line 184

015: SECURITY FIX: October 12, 2006

015: SECURITY FIX: October 12, 2006

All architectures

Fix 2 security bugs found in OpenSSH. A pre-authentication denial of service (found

by Tavis Ormandy) that would cause

Line 202

Line 200

014: SECURITY FIX: October 7, 2006

014: SECURITY FIX: October 7, 2006

All architectures

Fix for an integer overflow in

<a href="https://man.openbsd.org/OpenBSD-3.9/systrace.4">systrace(4)</a>'s

Line 215

Line 213

013: SECURITY FIX: October 7, 2006

013: SECURITY FIX: October 7, 2006

All architectures

Several problems have been found in OpenSSL. While parsing certain invalid ASN.1

structures an error condition is mishandled, possibly resulting in an infinite

Line 233

Line 231

012: SECURITY FIX: October 7, 2006

012: SECURITY FIX: October 7, 2006

All architectures

<a href="https://man.openbsd.org/OpenBSD-3.9/httpd.8">httpd(8)</a>

does not sanitize the Expect header from an HTTP request when it is

Line 246

Line 244

011: SECURITY FIX: September 8, 2006

011: SECURITY FIX: September 8, 2006

All architectures

Due to incorrect PKCS#1 v1.5 padding validation in OpenSSL, it is possible for

an attacker to construct an invalid signature which OpenSSL would accept as a

Line 258

Line 256

010: SECURITY FIX: September 8, 2006

010: SECURITY FIX: September 8, 2006

All architectures

Two Denial of Service issues have been found with BIND.

An attacker who can perform recursive lookups on a DNS server and is able

Line 275

Line 273

009: SECURITY FIX: September 2, 2006

009: SECURITY FIX: September 2, 2006

All architectures

Due to the failure to correctly validate LCP configuration option lengths,

it is possible for an attacker to send LCP packets via an

Line 288

Line 286

008: SECURITY FIX: August 25, 2006

008: SECURITY FIX: August 25, 2006

All architectures

A problem in

<a href="https://man.openbsd.org/OpenBSD-3.9/isakmpd.8">isakmpd(8)</a>

Line 303

Line 301

007: SECURITY FIX: August 25, 2006

007: SECURITY FIX: August 25, 2006

All architectures

It is possible to cause the kernel to panic when more than the default number of

sempahores have been allocated.

Line 313

Line 311

006: SECURITY FIX: August 25, 2006

006: SECURITY FIX: August 25, 2006

All architectures

Due to an off-by-one error in

<a href="https://man.openbsd.org/OpenBSD-3.9/dhcpd.8">dhcpd(8)</a>,

Line 327

Line 325

005: SECURITY FIX: August 25, 2006

005: SECURITY FIX: August 25, 2006

All architectures

A potential denial of service problem has been found in sendmail. A message

with really long header lines could trigger a use-after-free bug causing

Line 338

Line 336

004: SECURITY FIX: July 30, 2006

004: SECURITY FIX: July 30, 2006

All architectures

<a href="https://man.openbsd.org/OpenBSD-3.9/httpd.8">httpd(8)</a>'s

mod_rewrite has a potentially exploitable off-by-one buffer overflow.

Line 352

Line 350

003: SECURITY FIX: June 15, 2006

003: SECURITY FIX: June 15, 2006

All architectures

A potential denial of service problem has been found in sendmail. A malformed MIME

message could trigger excessive recursion which will lead to stack exhaustion.

Line 366

Line 364

002: SECURITY FIX: May 2, 2006

002: SECURITY FIX: May 2, 2006

All architectures

A security vulnerability has been found in the X.Org server --

<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1526">CVE-2006-1526</a>.

Line 378

Line 376

001: SECURITY FIX: March 25, 2006

001: SECURITY FIX: March 25, 2006

All architectures

A race condition has been reported to exist in the handling by sendmail of

asynchronous signals. A remote attacker may be able to execute arbitrary code with the

Line 392

Line 390

</ul>

<hr>

</body>

</html>