File: [local] / www / errata52.html

Revision 1.41, Mon May 27 22:55:20 2019 UTC by bentley
Branch: MAIN
Changes since 1.40: +12 -17 lines

Substantially clean up and modernize HTML markup across openbsd.org.

This was done with three purposes in mind:
- to reduce the massive amount of inline HTML, to be easier on developers
  adding actual content
- to allow running the HTML validator across the source (doing this found
  many unintentional mistakes in the present code, including at least a
  dozen cases of half- or fully-invisible text)
- to separate content from presentation, so appearance can be controlled
  through stylesheets

Great care was taken to keep all pages, even very old ones, looking the
same, give or take a few pixels of whitespace.

Much review, critique, and improvement from tj@

<!doctype html>
<html lang=en id=errata>
<meta charset=utf-8>

<title>OpenBSD 5.2 Errata</title>
<meta name="description" content="the OpenBSD CD errata page">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" type="text/css" href="openbsd.css">
<link rel="canonical" href="https://www.openbsd.org/errata52.html">

<!--
			IMPORTANT REMINDER
	IF YOU ADD A NEW ERRATUM, MAIL THE PATCH TO TECH AND ANNOUNCE
-->


<h2 id=OpenBSD>
<a href="index.html">
<i>Open</i><b>BSD</b></a>
5.2 Errata
</h2>
<hr>

For errata on a certain release, click below:<br>
<a href="errata21.html">2.1</a>,
<a href="errata22.html">2.2</a>,
<a href="errata23.html">2.3</a>,
<a href="errata24.html">2.4</a>,
<a href="errata25.html">2.5</a>,
<a href="errata26.html">2.6</a>,
<a href="errata27.html">2.7</a>,
<a href="errata28.html">2.8</a>,
<a href="errata29.html">2.9</a>,
<a href="errata30.html">3.0</a>,
<a href="errata31.html">3.1</a>,
<a href="errata32.html">3.2</a>,
<a href="errata33.html">3.3</a>,
<a href="errata34.html">3.4</a>,
<a href="errata35.html">3.5</a>,
<a href="errata36.html">3.6</a>,
<br>
<a href="errata37.html">3.7</a>,
<a href="errata38.html">3.8</a>,
<a href="errata39.html">3.9</a>,
<a href="errata40.html">4.0</a>,
<a href="errata41.html">4.1</a>,
<a href="errata42.html">4.2</a>,
<a href="errata43.html">4.3</a>,
<a href="errata44.html">4.4</a>,
<a href="errata45.html">4.5</a>,
<a href="errata46.html">4.6</a>,
<a href="errata47.html">4.7</a>,
<a href="errata48.html">4.8</a>,
<a href="errata49.html">4.9</a>,
<a href="errata50.html">5.0</a>,
<a href="errata51.html">5.1</a>,
<a href="errata53.html">5.3</a>,
<br>
<a href="errata54.html">5.4</a>,
<a href="errata55.html">5.5</a>,
<a href="errata56.html">5.6</a>,
<a href="errata57.html">5.7</a>,
<a href="errata58.html">5.8</a>,
<a href="errata59.html">5.9</a>,
<a href="errata60.html">6.0</a>,
<a href="errata61.html">6.1</a>,
<a href="errata62.html">6.2</a>,
<a href="errata63.html">6.3</a>,
<a href="errata64.html">6.4</a>,
<a href="errata65.html">6.5</a>.
<hr>

<p>
Patches for the OpenBSD base system are distributed as unified diffs.
Each patch contains usage instructions.
All the following patches are also available in one
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.2.tar.gz">tar.gz file</a>
for convenience.

<p>
Patches for supported releases are also incorporated into the
<a href="stable.html">-stable branch</a>.

<hr>

<ul>
<li id="p001_bgpd">
<strong>001: RELIABILITY FIX: November 29, 2012</strong>
&nbsp; <i>All architectures</i><br>
Some other systems have started sending incorrect flags which
cause session failures in OpenBSD's bgpd, and cause it
to propagate incorrect updates.
<br>
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.2/common/001_bgpd.patch">
A source code patch exists which remedies this problem.</a>
<p>

<li id="p002_bgpd">
<strong>002: RELIABILITY FIX: March 15, 2013</strong>
&nbsp; <i>All architectures</i><br>
A rare condition during session startup may cause bgpd to replace
an active session, leading to unknown consequences.  Bug found by
inspection (we do not know how to reproduce it; consider that a challenge).

<br>
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.2/common/002_bgpd.patch">
A source code patch exists which remedies this problem.</a>
<p>

<li id="p003_tftpd">
<strong>003: RELIABILITY FIX: March 21, 2013</strong>
&nbsp; <i>All architectures</i><br>
A denial of service was discovered where certain combinations of
TFTP options could cause OACK generation to fail, which in turn
caused a double free in tftpd.

<br>
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.2/common/003_tftpd.patch">
A source code patch exists which remedies this problem.</a>
<p>

<li id="p004_nginx">
<strong>004: RELIABILITY FIX: May 17, 2013</strong>
&nbsp; <i>All architectures</i><br>
A problem exists in
<a href="https://man.openbsd.org/OpenBSD-5.2/nginx.8">nginx(8)</a>
if proxy_pass is used with untrusted HTTP backend servers.
The problem may lead to a denial of service or to disclosure of
worker process memory when a specially crafted response is received
from an upstream proxied server.
This issue was assigned CVE-2013-2070.

<br>
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.2/common/004_nginx.patch">
A source code patch exists which remedies this problem.</a>
<p>

<li id="p005_in6">
<strong>005: RELIABILITY FIX: May 31, 2013</strong>
&nbsp; <i>All architectures</i><br>
A local denial of service is possible by an unprivileged user if the
SIOCSIFADDR ioctl is performed upon an AF_INET6 socket with a specially
crafted parameter.
<br>
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.2/common/005_in6.patch">
A source code patch exists which remedies this problem.</a>
<p>

</ul>

<hr>