[BACK]Return to errata41.html CVS log [TXT][DIR] Up to [local] / www

File: [local] / www / errata41.html (download) (as text)

Revision 1.9, Tue Oct 9 16:49:01 2007 UTC (16 years, 7 months ago) by deraadt
Branch: MAIN
Changes since 1.8: +11 -1 lines

dhcpd security patch:
"Minimum IP MTU" means what it says. Ensure that packets returned by
dhcpd are the minimum size or larger no matter what the client thinks
the minimum allowable size is. Found by Nahuel Riva and Gera Richarte.
Fix by millert@.

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>OpenBSD 4.1 errata</title>
<link rev=made href="mailto:www@openbsd.org">
<meta name="resource-type" content="document">
<meta name="description" content="the OpenBSD CD errata page">
<meta name="keywords" content="openbsd,cd,errata">
<meta name="distribution" content="global">
<meta name="copyright" content="This document copyright 1997-2007 by OpenBSD.">
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
</head>

<body bgcolor="#ffffff" text="#000000" link="#23238E">

<a href="index.html"><img alt="[OpenBSD]" height="30" width="141" src="images/smalltitle.gif" border="0"></a>
<h2><font color="#0000e0">
This is the OpenBSD 4.1 release errata &amp; patch list:

</font></h2>

<hr>
<a href=stable.html>For OpenBSD patch branch information, please refer here.</a><br>
<a href=pkg-stable.html>For important packages updates, please refer here.</a><br>
<br>
For errata on a certain release, click below:<br>
<a href="errata21.html">2.1</a>,
<a href="errata22.html">2.2</a>,
<a href="errata23.html">2.3</a>,
<a href="errata24.html">2.4</a>,
<a href="errata25.html">2.5</a>,
<a href="errata26.html">2.6</a>,
<a href="errata27.html">2.7</a>,
<a href="errata28.html">2.8</a>,
<a href="errata29.html">2.9</a>,
<a href="errata30.html">3.0</a>,
<a href="errata31.html">3.1</a>,
<a href="errata32.html">3.2</a>,
<a href="errata33.html">3.3</a>,
<a href="errata34.html">3.4</a>,
<a href="errata35.html">3.5</a>,
<a href="errata36.html">3.6</a>,
<a href="errata37.html">3.7</a>,
<a href="errata38.html">3.8</a>,
<a href="errata39.html">3.9</a>,
<a href="errata40.html">4.0</a>,
<a href="errata42.html">4.2</a>.
<br>
<hr>

<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.1.tar.gz">
You can also fetch a tar.gz file containing all the following patches</a>.
This file is updated once a day.

<p> The patches below are available in CVS via the
<code>OPENBSD_4_1</code> <a href="stable.html">patch branch</a>.

<p>
For more detailed information on how to install patches to OpenBSD, please
consult the <a href="./faq/faq10.html#Patches">OpenBSD FAQ</a>.
<hr>

<!-- Temporarily put anchors for all archs here.  Remove later. -->
<a name="all"></a>
<a name="alpha"></a>
<a name="amd64"></a>
<a name="armish"></a>
<a name="cats"></a>
<a name="hp300"></a>
<a name="hppa"></a>
<a name="i386"></a>
<a name="luna88k"></a>
<a name="mac68k"></a>
<a name="macppc"></a>
<a name="mvme68k"></a>
<a name="mvme88k"></a>
<a name="sgi"></a>
<a name="sparc"></a>
<a name="sparc64"></a>
<a name="vax"></a>
<a name="zaurus"></a>

<ul>

<li><a name="010_dhcpd"></a>
<font color="#009000"><strong>010: SECURITY FIX: October 8, 2007</strong></font> &nbsp; <i>All architectures</i><br>
Malicious DHCP clients could cause dhcpd(8) to corrupt its stack<br>
A DHCP client that claimed to require a maximum message size less than
the minimum IP MTU could cause dhcpd(8) to overwrite stack memory.
<br>
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.1/common/010_dhcpd.patch">
A source code patch exists which remedies this problem</a>.<br>
<p>

<li><a name="009_file"></a>
<font color="#009000"><strong>009: SECURITY FIX: July 9, 2007</strong></font> &nbsp; <i>All Architectures</i><br>
Fix possible heap overflow in file(1), aka CVE-2007-1536.<br>
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.1/common/009_file.patch">
A source code patch exists which remedies this problem</a>.<br>
<p>

<li><a name="008_xorg"></a>
<font color="#009000"><strong>008: STABILITY FIX: May 9, 2007</strong></font> &nbsp; <i>All Architectures</i><br>
A malicious client can cause a division by zero.<br>
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.1/common/008_xorg.patch">
A source code patch exists which remedies this problem</a>.<br>
<p>

<li><a name="007_kroute"></a>
<font color="#009000"><strong>007: RELIABILITY FIX: April 30, 2007</strong></font> &nbsp; <i>All architectures</i><br>
Link state is not correctly tracked in ospfd and ripd.<br>
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.1/common/007_kroute.patch">
A source code patch exists which remedies this problem</a>.<br>
<p>

<li><a name="006_altivec"></a>
<font color="#009000"><strong>006: STABILITY FIX: April 27, 2007</strong></font> &nbsp; <i>PowerPC</i><br>
An unhandled AltiVec assist exception can cause a kernel panic.<br>
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.1/macppc/006_altivec.patch">
A source code patch exists which remedies this problem</a>.<br>
<p>

<li><a name="005_route6"></a>
<font color="#009000"><strong>005: SECURITY FIX: April 27, 2007</strong></font> &nbsp; <i>All architectures</i><br>
IPv6 type 0 route headers can be used to mount a DoS attack against
hosts and networks.  This is a design flaw in IPv6 and not a bug in
OpenBSD.<br>
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.1/common/005_route6.patch">
A source code patch exists which remedies this problem</a>.<br>
<p>

<li><a name="004_xorg"></a>
<font color="#009000"><strong>004: SECURITY FIX: April 27, 2007</strong></font> &nbsp; <i>All architectures</i><br>
Multiple vulnerabilities have been discovered in X.Org.<br>
XC-MISC extension ProcXCMiscGetXIDList memory corruption vulnerability,
BDFFont parsing integer overflow vulnerability,
fonts.dir file parsing integer overflow vulnerability,
multiple integer overflows in the XGetPixel() and XInitImage functions
in ImUtil.c.
<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1003">CVE-2007-1003</a>,
<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1351">CVE-2007-1351</a>,
<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1352">CVE-2007-1352</a>,
<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1667">CVE-2007-1667</a>.
<br>
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.1/common/004_xorg.patch">
A source code patch exists which remedies this problem</a>.<br>
<p>

<li><a name="003_spamd"></a>
<font color="#009000"><strong>003: RELIABILITY FIX: April 27, 2007</strong></font> &nbsp; <i>All architectures</i><br>
Bugs found in the spamd sychronization mechanism could cause corrupted
databases.<br>
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.1/common/003_spamd.patch">
A source code patch exists which remedies this problem</a>.<br>
<p>

<li><a name="002_splnet"></a>
<font color="#009000"><strong>002: STABILITY FIX: April 27, 2007</strong></font> &nbsp; <i>All architectures</i><br>
Incorrect spl level can lead to panics under heavy kqueue usage.<br>
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.1/common/002_splnet.patch">
A source code patch exists which remedies this problem</a>.<br>
<p>

<li><a name="001_mbuf"></a>
<font color="#009000"><strong>001: SECURITY FIX: April 27, 2007</strong></font> &nbsp; <i>All architectures</i><br>
Incorrect mbuf handling for ICMP6 packets.<br>
Using
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a>
to avoid the problem packets is an effective workaround until the patch
can be installed.<br>
Use "block in inet6" in /etc/pf.conf
<br>
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.1/common/001_mbuf.patch">
A source code patch exists which remedies this problem</a>.<br>
<p>


</ul>

<hr>
<a href=stable.html>For OpenBSD patch branch information, please refer here.</a><br>
<a href=pkg-stable.html>For important packages updates, please refer here.</a><br>
<br>
For errata on a certain release, click below:<br>
<a href="errata21.html">2.1</a>,
<a href="errata22.html">2.2</a>,
<a href="errata23.html">2.3</a>,
<a href="errata24.html">2.4</a>,
<a href="errata25.html">2.5</a>,
<a href="errata26.html">2.6</a>,
<a href="errata27.html">2.7</a>,
<a href="errata28.html">2.8</a>,
<a href="errata29.html">2.9</a>,
<a href="errata30.html">3.0</a>,
<a href="errata31.html">3.1</a>,
<a href="errata32.html">3.2</a>,
<a href="errata33.html">3.3</a>,
<a href="errata34.html">3.4</a>,
<a href="errata35.html">3.5</a>,
<a href="errata36.html">3.6</a>,
<a href="errata37.html">3.7</a>,
<a href="errata38.html">3.8</a>,
<a href="errata39.html">3.9</a>,
<a href="errata40.html">4.0</a>,
<a href="errata42.html">4.2</a>.
<br>

<hr>
<a href=index.html><img height=24 width=24 src=back.gif border=0 alt=OpenBSD></a> 
<a href="mailto:www@openbsd.org">www@openbsd.org</a>
<br><small>$OpenBSD: errata41.html,v 1.9 2007/10/09 16:49:01 deraadt Exp $</small>

</body>
</html>