version 1.55, 2019/04/02 12:46:57 |
version 1.56, 2019/05/27 22:55:20 |
|
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> |
<!doctype html> |
<html> |
<html lang=en id=errata> |
<head> |
<meta charset=utf-8> |
|
|
<title>OpenBSD 4.7 Errata</title> |
<title>OpenBSD 4.7 Errata</title> |
<meta name="description" content="the OpenBSD CD errata page"> |
<meta name="description" content="the OpenBSD CD errata page"> |
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> |
|
<meta name="viewport" content="width=device-width, initial-scale=1"> |
<meta name="viewport" content="width=device-width, initial-scale=1"> |
<link rel="stylesheet" type="text/css" href="openbsd.css"> |
<link rel="stylesheet" type="text/css" href="openbsd.css"> |
<link rel="canonical" href="https://www.openbsd.org/errata47.html"> |
<link rel="canonical" href="https://www.openbsd.org/errata47.html"> |
</head> |
|
|
|
<!-- |
<!-- |
IMPORTANT REMINDER |
IMPORTANT REMINDER |
IF YOU ADD A NEW ERRATUM, MAIL THE PATCH TO TECH AND ANNOUNCE |
IF YOU ADD A NEW ERRATUM, MAIL THE PATCH TO TECH AND ANNOUNCE |
--> |
--> |
|
|
<body bgcolor="#ffffff" text="#000000" link="#23238E"> |
|
|
|
<h2> |
<h2 id=OpenBSD> |
<a href="index.html"> |
<a href="index.html"> |
<font color="#0000ff"><i>Open</i></font><font color="#000084">BSD</font></a> |
<i>Open</i><b>BSD</b></a> |
<font color="#e00000">4.7 Errata</font> |
4.7 Errata |
</h2> |
</h2> |
<hr> |
<hr> |
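Review bot: Confirm that errata47.html is actually stored as UTF-8 (or is pure ASCII), because the head replaces the Content-Type meta declaring charset=ISO-8859-1 with meta charset=utf-8; any non-ASCII byte left in the old encoding will now be decoded incorrectly. In the same region the body attributes bgcolor, text and link and the font color wrappers in the h2 are removed, so the page's colours now depend entirely on openbsd.css; check that the stylesheet has rules for the new id=errata and id=OpenBSD hooks before this goes live.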
|
|
|
|
|
|
<ul> |
<ul> |
<li id="p013_pf"> |
<li id="p013_pf"> |
<font color="#009000"><strong>013: SECURITY FIX: February 16, 2011</strong></font> |
<strong>013: SECURITY FIX: February 16, 2011</strong> |
<i>Little-endian architectures</i><br> |
<i>Little-endian architectures</i><br> |
PF rules specifying address ranges (e.g. "10.1.1.1 - 10.1.1.5") were |
PF rules specifying address ranges (e.g. "10.1.1.1 - 10.1.1.5") were |
not correctly handled on little-endian systems (alpha, amd64, arm, i386, |
not correctly handled on little-endian systems (alpha, amd64, arm, i386, |
|
|
<p> |
<p> |
|
|
<li id="p012_openssl"> |
<li id="p012_openssl"> |
<font color="#009000"><strong>012: SECURITY FIX: February 11, 2011</strong></font> |
<strong>012: SECURITY FIX: February 11, 2011</strong> |
<i>All architectures</i><br> |
<i>All architectures</i><br> |
An incorrectly formatted ClientHello handshake message could cause |
An incorrectly formatted ClientHello handshake message could cause |
OpenSSL to parse past the end of the message. An attacker could use this flaw |
OpenSSL to parse past the end of the message. An attacker could use this flaw |
|
|
<p> |
<p> |
|
|
<li id="p011_rtsock"> |
<li id="p011_rtsock"> |
<font color="#009000"><strong>011: RELIABILITY FIX: January 13, 2011</strong></font> |
<strong>011: RELIABILITY FIX: January 13, 2011</strong> |
<i>All architectures</i><br> |
<i>All architectures</i><br> |
sp_protocol in RTM_DELETE messages could contain garbage values |
sp_protocol in RTM_DELETE messages could contain garbage values |
leading to routing socket users that restrict the AF (such as ospfd) |
leading to routing socket users that restrict the AF (such as ospfd) |
|
|
<p> |
<p> |
|
|
<li id="p010_cbc"> |
<li id="p010_cbc"> |
<font color="#009000"><strong>010: RELIABILITY FIX: December 20, 2010</strong></font> |
<strong>010: RELIABILITY FIX: December 20, 2010</strong> |
<i>All architectures</i><br> |
<i>All architectures</i><br> |
Bring CBC oracle attack countermeasures to hardware crypto accelerator land. |
Bring CBC oracle attack countermeasures to hardware crypto accelerator land. |
This fixes aes-ni, via xcrypt and various drivers |
This fixes aes-ni, via xcrypt and various drivers |
|
|
|
|
|
|
<li id="p009_pf"> |
<li id="p009_pf"> |
<font color="#009000"><strong>009: SECURITY FIX: December 17, 2010</strong></font> |
<strong>009: SECURITY FIX: December 17, 2010</strong> |
<i>All architectures</i><br> |
<i>All architectures</i><br> |
Insufficent initialization of the pf rule structure in the ioctl |
Insufficent initialization of the pf rule structure in the ioctl |
handler may allow userland to modify kernel memory. By default root |
handler may allow userland to modify kernel memory. By default root |
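Review bot: "Insufficent" in the first line of the 009 description is misspelled and is carried over unchanged in both revisions; since this commit already touches the entry's heading line, correct the word to "Insufficient" in the same change.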
|
|
<p> |
<p> |
|
|
<li id="p008_openssl"> |
<li id="p008_openssl"> |
<font color="#009000"><strong>008: RELIABILITY FIX: November 17, 2010</strong></font> |
<strong>008: RELIABILITY FIX: November 17, 2010</strong> |
<i>All architectures</i><br> |
<i>All architectures</i><br> |
Fix a flaw in the OpenSSL TLS server extension code parsing which could lead to |
Fix a flaw in the OpenSSL TLS server extension code parsing which could lead to |
a buffer overflow. This affects OpenSSL based TLS servers which are multi-threaded |
a buffer overflow. This affects OpenSSL based TLS servers which are multi-threaded |
|
|
<p> |
<p> |
|
|
<li id="p007_scsi"> |
<li id="p007_scsi"> |
<font color="#009000"><strong>007: RELIABILITY FIX: September 14, 2010</strong></font> |
<strong>007: RELIABILITY FIX: September 14, 2010</strong> |
<i>All architectures</i><br> |
<i>All architectures</i><br> |
Avoid calling scsi_done() more than once in gdt(4). Fixes a kernel panic triggered by syncing disks during shut down.<br> |
Avoid calling scsi_done() more than once in gdt(4). Fixes a kernel panic triggered by syncing disks during shut down.<br> |
Clear the ITSDONE flag before issuing commands to the SCSI adapter. Fixes handling of retried SCSI commands. |
Clear the ITSDONE flag before issuing commands to the SCSI adapter. Fixes handling of retried SCSI commands. |
|
|
<p> |
<p> |
|
|
<li id="p006_scsi"> |
<li id="p006_scsi"> |
<font color="#009000"><strong>006: RELIABILITY FIX: July 8, 2010</strong></font> |
<strong>006: RELIABILITY FIX: July 8, 2010</strong> |
<i>All architectures</i><br> |
<i>All architectures</i><br> |
Restore an unusual XS_SENSE semantic. Fixes dump(8)/restore(8) problems seen on certain tape drives. |
Restore an unusual XS_SENSE semantic. Fixes dump(8)/restore(8) problems seen on certain tape drives. |
<br> |
<br> |
|
|
<p> |
<p> |
|
|
<li id="p005_pfsync"> |
<li id="p005_pfsync"> |
<font color="#009000"><strong>005: RELIABILITY FIX: May 14, 2010</strong></font> |
<strong>005: RELIABILITY FIX: May 14, 2010</strong> |
<i>All architectures</i><br> |
<i>All architectures</i><br> |
Incorrectly initialized state updates can cause pfsync update storms. |
Incorrectly initialized state updates can cause pfsync update storms. |
<br> |
<br> |
|
|
<p> |
<p> |
|
|
<li id="p004_pfsync"> |
<li id="p004_pfsync"> |
<font color="#009000"><strong>004: SECURITY FIX: April 23, 2010</strong></font> |
<strong>004: SECURITY FIX: April 23, 2010</strong> |
<i>All architectures</i><br> |
<i>All architectures</i><br> |
The combination of pfsync and IPSEC may crash the kernel.<br> |
The combination of pfsync and IPSEC may crash the kernel.<br> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/4.7/common/004_pfsync.patch"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/4.7/common/004_pfsync.patch"> |
|
|
<p> |
<p> |
|
|
<li id="p003_openssl"> |
<li id="p003_openssl"> |
<font color="#009000"><strong>003: SECURITY FIX: April 14, 2010</strong></font> |
<strong>003: SECURITY FIX: April 14, 2010</strong> |
<i>All architectures</i><br> |
<i>All architectures</i><br> |
In TLS connections, certain incorrectly formatted records can cause |
In TLS connections, certain incorrectly formatted records can cause |
an OpenSSL client or server to crash due to a read attempt at NULL. |
an OpenSSL client or server to crash due to a read attempt at NULL. |
|
|
<p> |
<p> |
|
|
<li id="p002_mpi"> |
<li id="p002_mpi"> |
<font color="#009000"><strong>002: RELIABILITY FIX: April 4, 2010</strong></font> |
<strong>002: RELIABILITY FIX: April 4, 2010</strong> |
<i>All architectures</i><br> |
<i>All architectures</i><br> |
When updating sensors showing the state of RAID volumes |
When updating sensors showing the state of RAID volumes |
<a href="https://man.openbsd.org/OpenBSD-4.7/mpi.4">mpi(4)</a> |
<a href="https://man.openbsd.org/OpenBSD-4.7/mpi.4">mpi(4)</a> |
|
|
<p> |
<p> |
|
|
<li id="p001_kerberos"> |
<li id="p001_kerberos"> |
<font color="#009000"><strong>001: RELIABILITY FIX: March 31, 2010</strong></font> |
<strong>001: RELIABILITY FIX: March 31, 2010</strong> |
<i>All architectures</i><br> |
<i>All architectures</i><br> |
When decrypting packets, the internal decryption functions were not |
When decrypting packets, the internal decryption functions were not |
paranoid enough in checking for underruns, which could potentially |
paranoid enough in checking for underruns, which could potentially |
|
|
</ul> |
</ul> |
|
|
<hr> |
<hr> |
|
|
</body> |
|
</html> |
|