| version 1.62, 2017/03/28 06:41:18 |
version 1.63, 2017/06/26 17:18:57 |
|
|
| <strong>2nd revision, March 17, 2007</strong><br> |
<strong>2nd revision, March 17, 2007</strong><br> |
| Incorrect mbuf handling for ICMP6 packets.<br> |
Incorrect mbuf handling for ICMP6 packets.<br> |
| Using |
Using |
| <a href="http://man.openbsd.org/OpenBSD-4.0/pf.4">pf(4)</a> |
<a href="https://man.openbsd.org/OpenBSD-4.0/pf.4">pf(4)</a> |
| to avoid the problem packets is an effective workaround until the patch |
to avoid the problem packets is an effective workaround until the patch |
| can be installed.<br> |
can be installed.<br> |
| Use "block in inet6" in /etc/pf.conf |
Use "block in inet6" in /etc/pf.conf |
|
|
| <font color="#009000"><strong>007: SECURITY FIX: January 3, 2007</strong></font> |
<font color="#009000"><strong>007: SECURITY FIX: January 3, 2007</strong></font> |
| <i>i386 only</i><br> |
<i>i386 only</i><br> |
| Insufficient validation in |
Insufficient validation in |
| <a href="http://man.openbsd.org/OpenBSD-4.0/vga.4">vga(4)</a> |
<a href="https://man.openbsd.org/OpenBSD-4.0/vga.4">vga(4)</a> |
| may allow an attacker to gain root privileges if the kernel is compiled with |
may allow an attacker to gain root privileges if the kernel is compiled with |
| <tt>option PCIAGP</tt> |
<tt>option PCIAGP</tt> |
| and the actual device is not an AGP device. |
and the actual device is not an AGP device. |
|
|
| <font color="#009000"><strong>005: SECURITY FIX: November 19, 2006</strong></font> |
<font color="#009000"><strong>005: SECURITY FIX: November 19, 2006</strong></font> |
| <i>All architectures</i><br> |
<i>All architectures</i><br> |
| The ELF |
The ELF |
| <a href="http://man.openbsd.org/OpenBSD-4.0/ld.so.1">ld.so(1)</a> |
<a href="https://man.openbsd.org/OpenBSD-4.0/ld.so.1">ld.so(1)</a> |
| fails to properly sanitize the environment. There is a potential localhost security |
fails to properly sanitize the environment. There is a potential localhost security |
| problem in cases we have not found yet. This patch applies to all ELF-based |
problem in cases we have not found yet. This patch applies to all ELF-based |
| systems (m68k, m88k, and vax are a.out-based systems). |
systems (m68k, m88k, and vax are a.out-based systems). |
|
|
| <font color="#009000"><strong>004: RELIABILITY FIX: November 7, 2006</strong></font> |
<font color="#009000"><strong>004: RELIABILITY FIX: November 7, 2006</strong></font> |
| <i>All architectures</i><br> |
<i>All architectures</i><br> |
| Due to a bug in the |
Due to a bug in the |
| <a href="http://man.openbsd.org/OpenBSD-4.0/arc.4">arc(4)</a> |
<a href="https://man.openbsd.org/OpenBSD-4.0/arc.4">arc(4)</a> |
| RAID driver the driver will not properly synchronize the cache to the logical volumes |
RAID driver the driver will not properly synchronize the cache to the logical volumes |
| upon system shut down. The result being that the mounted file systems within the logical |
upon system shut down. The result being that the mounted file systems within the logical |
| volumes will not be properly marked as being clean and fsck will be run for the subsequent |
volumes will not be properly marked as being clean and fsck will be run for the subsequent |
|
|
| <font color="#009000"><strong>003: SECURITY FIX: November 4, 2006</strong></font> |
<font color="#009000"><strong>003: SECURITY FIX: November 4, 2006</strong></font> |
| <i>All architectures</i><br> |
<i>All architectures</i><br> |
| Fix for an integer overflow in |
Fix for an integer overflow in |
| <a href="http://man.openbsd.org/OpenBSD-4.0/systrace.4">systrace(4)</a>'s |
<a href="https://man.openbsd.org/OpenBSD-4.0/systrace.4">systrace(4)</a>'s |
| STRIOCREPLACE support, found by |
STRIOCREPLACE support, found by |
| Chris Evans. This could be exploited for DoS, limited kmem reads or local |
Chris Evans. This could be exploited for DoS, limited kmem reads or local |
| privilege escalation. |
privilege escalation. |
|
|
| <li id="httpd"> |
<li id="httpd"> |
| <font color="#009000"><strong>001: SECURITY FIX: November 4, 2006</strong></font> |
<font color="#009000"><strong>001: SECURITY FIX: November 4, 2006</strong></font> |
| <i>All architectures</i><br> |
<i>All architectures</i><br> |
| <a href="http://man.openbsd.org/OpenBSD-4.0/httpd.8">httpd(8)</a> |
<a href="https://man.openbsd.org/OpenBSD-4.0/httpd.8">httpd(8)</a> |
| does not sanitize the Expect header from an HTTP request when it is |
does not sanitize the Expect header from an HTTP request when it is |
| reflected back in an error message, which might allow cross-site scripting (XSS) |
reflected back in an error message, which might allow cross-site scripting (XSS) |
| style attacks. |
style attacks. |
![[BACK]](/icons/back.gif){kind=icon}
Return to errata40.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www