| version 1.58, 2019/04/02 12:46:57 |
version 1.59, 2019/05/27 22:55:20 |
|
|
| <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> |
<!doctype html> |
| <html> |
<html lang=en id=errata> |
| <head> |
<meta charset=utf-8> |
| |
|
| <title>OpenBSD 5.4 Errata</title> |
<title>OpenBSD 5.4 Errata</title> |
| <meta name="description" content="the OpenBSD CD errata page"> |
<meta name="description" content="the OpenBSD CD errata page"> |
| <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> |
|
| <meta name="viewport" content="width=device-width, initial-scale=1"> |
<meta name="viewport" content="width=device-width, initial-scale=1"> |
| <link rel="stylesheet" type="text/css" href="openbsd.css"> |
<link rel="stylesheet" type="text/css" href="openbsd.css"> |
| <link rel="canonical" href="https://www.openbsd.org/errata54.html"> |
<link rel="canonical" href="https://www.openbsd.org/errata54.html"> |
| </head> |
|
| |
|
| <!-- |
<!-- |
| IMPORTANT REMINDER |
IMPORTANT REMINDER |
| IF YOU ADD A NEW ERRATUM, MAIL THE PATCH TO TECH AND ANNOUNCE |
IF YOU ADD A NEW ERRATUM, MAIL THE PATCH TO TECH AND ANNOUNCE |
| --> |
--> |
| |
|
| <body bgcolor="#ffffff" text="#000000" link="#23238E"> |
|
| |
|
| <h2> |
<h2 id=OpenBSD> |
| <a href="index.html"> |
<a href="index.html"> |
| <font color="#0000ff"><i>Open</i></font><font color="#000084">BSD</font></a> |
<i>Open</i><b>BSD</b></a> |
| <font color="#e00000">5.4 Errata</font> |
5.4 Errata |
| </h2> |
</h2> |
| <hr> |
<hr> |
| |
|
|
|
| <ul> |
<ul> |
| |
|
| <li id="p001_pflow"> |
<li id="p001_pflow"> |
| <font color="#009000"><strong>001: RELIABILITY FIX: Nov 7, 2013</strong></font> |
<strong>001: RELIABILITY FIX: Nov 7, 2013</strong> |
| <i>All architectures</i><br> |
<i>All architectures</i><br> |
| A crash can happen on |
A crash can happen on |
| <a href="https://man.openbsd.org/OpenBSD-5.4/pflow.4">pflow(4)</a> |
<a href="https://man.openbsd.org/OpenBSD-5.4/pflow.4">pflow(4)</a> |
|
|
| <p> |
<p> |
| |
|
| <li id="p002_sshgcm"> |
<li id="p002_sshgcm"> |
| <font color="#009000"><strong>002: SECURITY FIX: Nov 7, 2013</strong></font> |
<strong>002: SECURITY FIX: Nov 7, 2013</strong> |
| <i>All architectures</i><br> |
<i>All architectures</i><br> |
| A memory corruption vulnerability exists in the post-authentication sshd process |
A memory corruption vulnerability exists in the post-authentication sshd process |
| when an AES-GCM cipher (aes128-gcm@openssh.com or aes256-gcm@openssh.com) is |
when an AES-GCM cipher (aes128-gcm@openssh.com or aes256-gcm@openssh.com) is |
|
|
| <p> |
<p> |
| |
|
| <li id="p003_vnode"> |
<li id="p003_vnode"> |
| <font color="#009000"><strong>003: RELIABILITY FIX: Nov 11, 2013</strong></font> |
<strong>003: RELIABILITY FIX: Nov 11, 2013</strong> |
| <i>All architectures</i><br> |
<i>All architectures</i><br> |
| An unprivileged user may hang the system. |
An unprivileged user may hang the system. |
| |
|
|
|
| <p> |
<p> |
| |
|
| <li id="p004_nginx"> |
<li id="p004_nginx"> |
| <font color="#009000"><strong>004: SECURITY FIX: Nov 21, 2013</strong></font> |
<strong>004: SECURITY FIX: Nov 21, 2013</strong> |
| <i>All architectures</i><br> |
<i>All architectures</i><br> |
| A problem exists in |
A problem exists in |
| <a href="https://man.openbsd.org/OpenBSD-5.4/nginx.8">nginx(8)</a> |
<a href="https://man.openbsd.org/OpenBSD-5.4/nginx.8">nginx(8)</a> |
|
|
| <p> |
<p> |
| |
|
| <li id="p005_sha512"> |
<li id="p005_sha512"> |
| <font color="#009000"><strong>005: RELIABILITY FIX: Dec 19, 2013</strong></font> |
<strong>005: RELIABILITY FIX: Dec 19, 2013</strong> |
| <i>Strict alignment architectures</i><br> |
<i>Strict alignment architectures</i><br> |
| In OpenSSL, use of the SHA384 SSL/TLS ciphers may result in a crash of |
In OpenSSL, use of the SHA384 SSL/TLS ciphers may result in a crash of |
| the application. The i386, amd64, vax and m68k platforms aren't |
the application. The i386, amd64, vax and m68k platforms aren't |
|
|
| <p> |
<p> |
| |
|
| <li id="p006_libXfont"> |
<li id="p006_libXfont"> |
| <font color="#009000"><strong>006: SECURITY FIX: Jan 10, 2014</strong></font> |
<strong>006: SECURITY FIX: Jan 10, 2014</strong> |
| <i>All architectures</i><br> |
<i>All architectures</i><br> |
| A BDF font file containing a longer than expected string could overflow |
A BDF font file containing a longer than expected string could overflow |
| a buffer on the stack in the X server. |
a buffer on the stack in the X server. |
|
|
| <p> |
<p> |
| |
|
| <li id="p007_openssl"> |
<li id="p007_openssl"> |
| <font color="#009000"><strong>007: SECURITY FIX: April 8, 2014</strong></font> |
<strong>007: SECURITY FIX: April 8, 2014</strong> |
| <i>All architectures</i><br> |
<i>All architectures</i><br> |
| Missing bounds checking in OpenSSL's implementation of the TLS/DTLS |
Missing bounds checking in OpenSSL's implementation of the TLS/DTLS |
| heartbeat extension (RFC6520) which can result in a leak of memory contents. |
heartbeat extension (RFC6520) which can result in a leak of memory contents. |
|
|
| <p> |
<p> |
| |
|
| <li id="p008_openssl"> |
<li id="p008_openssl"> |
| <font color="#009000"><strong>008: SECURITY FIX: April 12, 2014</strong></font> |
<strong>008: SECURITY FIX: April 12, 2014</strong> |
| <i>All architectures</i><br> |
<i>All architectures</i><br> |
| A use-after-free race condition in OpenSSL's read buffer may permit an attacker |
A use-after-free race condition in OpenSSL's read buffer may permit an attacker |
| to inject data from one connection into another. |
to inject data from one connection into another. |
|
|
| <p> |
<p> |
| |
|
| <li id="p009_openssl"> |
<li id="p009_openssl"> |
| <font color="#009000"><strong>009: RELIABILITY FIX: May 1, 2014</strong></font> |
<strong>009: RELIABILITY FIX: May 1, 2014</strong> |
| <i>All architectures</i><br> |
<i>All architectures</i><br> |
| An attacker can trigger generation of an SSL alert which could cause |
An attacker can trigger generation of an SSL alert which could cause |
| a null pointer dereference. |
a null pointer dereference. |
|
|
| <p> |
<p> |
| |
|
| <li id="p010_libXfont"> |
<li id="p010_libXfont"> |
| <font color="#009000"><strong>010: SECURITY FIX: May 24, 2014</strong></font> |
<strong>010: SECURITY FIX: May 24, 2014</strong> |
| <i>All architectures with X server</i><br> |
<i>All architectures with X server</i><br> |
| X Font Service Protocol & Font metadata file handling issues in libXfont |
X Font Service Protocol & Font metadata file handling issues in libXfont |
| <ul> |
<ul> |
|
|
| <p> |
<p> |
| |
|
| <li id="p011_sendmail"> |
<li id="p011_sendmail"> |
| <font color="#009000"><strong>011: SECURITY FIX: June 5, 2014</strong></font> |
<strong>011: SECURITY FIX: June 5, 2014</strong> |
| <i>All architectures</i><br> |
<i>All architectures</i><br> |
| Sendmail was not properly closing file descriptions before executing programs. |
Sendmail was not properly closing file descriptions before executing programs. |
| This could enable local users to interfere with an open SMTP connection. |
This could enable local users to interfere with an open SMTP connection. |
|
|
| <p> |
<p> |
| |
|
| <li id="p012_openssl"> |
<li id="p012_openssl"> |
| <font color="#009000"><strong>012: SECURITY FIX: June 6, 2014</strong></font> |
<strong>012: SECURITY FIX: June 6, 2014</strong> |
| <i>All architectures</i><br> |
<i>All architectures</i><br> |
| This patch contains a number of SSL library fixes. |
This patch contains a number of SSL library fixes. |
| <br> |
<br> |
|
|
| <p> |
<p> |
| |
|
| <li id="p013_dhcp"> |
<li id="p013_dhcp"> |
| <font color="#009000"><strong>013: RELIABILITY FIX: July 30, 2014</strong></font> |
<strong>013: RELIABILITY FIX: July 30, 2014</strong> |
| <i>All architectures</i><br> |
<i>All architectures</i><br> |
| Packets with illegal DHCP options can lead to memory exhaustion of |
Packets with illegal DHCP options can lead to memory exhaustion of |
| <a href="https://man.openbsd.org/OpenBSD-5.4/dhclient.8">dhclient(8)</a> |
<a href="https://man.openbsd.org/OpenBSD-5.4/dhclient.8">dhclient(8)</a> |
|
|
| <p> |
<p> |
| |
|
| <li id="p014_openssl"> |
<li id="p014_openssl"> |
| <font color="#009000"><strong>014: SECURITY FIX: August 9, 2014</strong></font> |
<strong>014: SECURITY FIX: August 9, 2014</strong> |
| <i>All architectures</i><br> |
<i>All architectures</i><br> |
| This patch contains a number of SSL library fixes. |
This patch contains a number of SSL library fixes. |
| <br> |
<br> |
|
|
| <p> |
<p> |
| |
|
| <li id="p015_nginx"> |
<li id="p015_nginx"> |
| <font color="#009000"><strong>015: SECURITY FIX: October 1, 2014</strong></font> |
<strong>015: SECURITY FIX: October 1, 2014</strong> |
| <i>All architectures</i><br> |
<i>All architectures</i><br> |
| nginx can reuse cached SSL sessions in unrelated contexts, allowing virtual |
nginx can reuse cached SSL sessions in unrelated contexts, allowing virtual |
| host confusion attacks in some configurations. |
host confusion attacks in some configurations. |
|
|
| <p> |
<p> |
| |
|
| <li id="p016_openssl"> |
<li id="p016_openssl"> |
| <font color="#009000"><strong>016: RELIABILITY FIX: October 20, 2014</strong></font> |
<strong>016: RELIABILITY FIX: October 20, 2014</strong> |
| <i>All architectures</i><br> |
<i>All architectures</i><br> |
| Two remotely triggerable memory leaks in OpenSSL can lead to a denial of |
Two remotely triggerable memory leaks in OpenSSL can lead to a denial of |
| service in server applications. |
service in server applications. |
|
|
| <p> |
<p> |
| |
|
| <li id="p017_kernexec"> |
<li id="p017_kernexec"> |
| <font color="#009000"><strong>017: RELIABILITY FIX: October 20, 2014</strong></font> |
<strong>017: RELIABILITY FIX: October 20, 2014</strong> |
| <i>All architectures</i><br> |
<i>All architectures</i><br> |
| Executable headers with an unaligned address will trigger a kernel panic. |
Executable headers with an unaligned address will trigger a kernel panic. |
| <br> |
<br> |
|
|
| </ul> |
</ul> |
| |
|
| <hr> |
<hr> |
| |
|
| </body> |
|
| </html> |
|
![[BACK]](/icons/back.gif){kind=icon}
Return to errata54.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www