version 1.49, 2016/08/15 02:22:06 |
version 1.50, 2016/10/16 19:11:30 |
|
|
<br> |
<br> |
<hr> |
<hr> |
|
|
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.5.tar.gz"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.5.tar.gz"> |
You can also fetch a tar.gz file containing all the following patches</a>. |
You can also fetch a tar.gz file containing all the following patches</a>. |
This file is updated once a day. |
This file is updated once a day. |
<p> |
<p> |
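Review bot: missing documentation on the tarball link (patches/5.5.tar.gz), which is the one download touched here whose name does not end in .patch.sig like the per-erratum links below. Moving it to https:// protects the transfer, but the surrounding text does not tell the reader how to check the archive once fetched. Consider adding a sentence next to "This file is updated once a day." stating whether the archive contains the same signed .patch.sig files.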
|
|
Memory corruption happens during |
Memory corruption happens during |
ICMP reflection handling. ICMP reflection is disabled by default. |
ICMP reflection handling. ICMP reflection is disabled by default. |
<br> |
<br> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/001_icmp.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/001_icmp.patch.sig"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
|
|
Missing bounds checking in OpenSSL's implementation of the TLS/DTLS |
Missing bounds checking in OpenSSL's implementation of the TLS/DTLS |
heartbeat extension (RFC6520) which can result in a leak of memory contents. |
heartbeat extension (RFC6520) which can result in a leak of memory contents. |
<br> |
<br> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/002_openssl.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/002_openssl.patch.sig"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
|
|
<a href="http://man.openbsd.org/?query=ftp&manpath=OpenBSD+5.5&sektion=1">ftp(1)</a> |
<a href="http://man.openbsd.org/?query=ftp&manpath=OpenBSD+5.5&sektion=1">ftp(1)</a> |
utility. |
utility. |
<br> |
<br> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/003_ftp.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/003_ftp.patch.sig"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
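Review bot: the ftp(1) manual link in this entry is still http://man.openbsd.org/ in both revisions, while the patch link two lines below it moves to https://ftp.openbsd.org/. If man.openbsd.org is reachable over HTTPS, convert it in the same commit so a single erratum entry does not mix schemes.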
|
|
|
|
A use-after-free race condition in OpenSSL's read buffer may permit an attacker |
A use-after-free race condition in OpenSSL's read buffer may permit an attacker |
to inject data from one connection into another. |
to inject data from one connection into another. |
<br> |
<br> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/004_openssl.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/004_openssl.patch.sig"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
|
|
An attacker can trigger generation of an SSL alert which could cause |
An attacker can trigger generation of an SSL alert which could cause |
a null pointer dereference. |
a null pointer dereference. |
<br> |
<br> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/005_openssl.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/005_openssl.patch.sig"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
|
|
</ul> |
</ul> |
Please see <a href="http://lists.x.org/archives/xorg-announce/2014-May/002431.html">the advisory</a> for more information. |
Please see <a href="http://lists.x.org/archives/xorg-announce/2014-May/002431.html">the advisory</a> for more information. |
<br> |
<br> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/006_libXfont.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/006_libXfont.patch.sig"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
|
|
This could enable local users to interfere with an open SMTP connection. |
This could enable local users to interfere with an open SMTP connection. |
This issue was assigned CVE-2014-3956. |
This issue was assigned CVE-2014-3956. |
<br> |
<br> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/007_sendmail.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/007_sendmail.patch.sig"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
|
|
<i>All architectures</i><br> |
<i>All architectures</i><br> |
This patch contains a number of SSL library fixes. |
This patch contains a number of SSL library fixes. |
<br> |
<br> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/008_openssl.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/008_openssl.patch.sig"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
|
|
and |
and |
<a href="http://man.openbsd.org/?query=dhcpd&sektion=8">dhcpd(8)</a>. |
<a href="http://man.openbsd.org/?query=dhcpd&sektion=8">dhcpd(8)</a>. |
<br> |
<br> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/009_dhcp.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/009_dhcp.patch.sig"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
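Review bot: the dhcpd(8) link is "?query=dhcpd&sektion=8" with no manpath parameter, unlike the ftp(1) link earlier on the page, which pins "manpath=OpenBSD+5.5". As written it is not tied to the 5.5 manual page that this erratum describes. Suggest adding manpath=OpenBSD+5.5 here while the neighbouring URL is being edited anyway.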
|
|
|
|
<i>All architectures</i><br> |
<i>All architectures</i><br> |
This patch contains a number of SSL library fixes. |
This patch contains a number of SSL library fixes. |
<br> |
<br> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/010_openssl.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/010_openssl.patch.sig"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
|
|
host confusion attacks in some configurations. |
host confusion attacks in some configurations. |
This issue was assigned CVE-2014-3616. |
This issue was assigned CVE-2014-3616. |
<br> |
<br> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/011_nginx.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/011_nginx.patch.sig"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
|
|
Two remotely triggerable memory leaks in OpenSSL can lead to a denial of |
Two remotely triggerable memory leaks in OpenSSL can lead to a denial of |
service in server applications. |
service in server applications. |
<br> |
<br> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/012_openssl.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/012_openssl.patch.sig"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
|
|
<i>All architectures</i><br> |
<i>All architectures</i><br> |
Executable headers with an unaligned address will trigger a kernel panic. |
Executable headers with an unaligned address will trigger a kernel panic. |
<br> |
<br> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/013_kernexec.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/013_kernexec.patch.sig"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
|
|
from {192.0.2.1 2001:db8::1} to (pppoe0)", will have an incorrect /32 |
from {192.0.2.1 2001:db8::1} to (pppoe0)", will have an incorrect /32 |
mask applied to the dynamic address. |
mask applied to the dynamic address. |
<br> |
<br> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/014_pfctl.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/014_pfctl.patch.sig"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
|
|
<i>All architectures</i><br> |
<i>All architectures</i><br> |
Querying an invalid hostname with gethostbyname(3) could cause a NULL deref. |
Querying an invalid hostname with gethostbyname(3) could cause a NULL deref. |
<br> |
<br> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/015_asr.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/015_asr.patch.sig"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
|
|
Several bugs were fixed that allowed a crash from remote when an active pipex |
Several bugs were fixed that allowed a crash from remote when an active pipex |
session exists. |
session exists. |
<br> |
<br> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/016_pipex.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/016_pipex.patch.sig"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
|
|
An incorrect memcpy call would result in corrupted MAC addresses when |
An incorrect memcpy call would result in corrupted MAC addresses when |
using PPPOE. |
using PPPOE. |
<br> |
<br> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/017_pppoe.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/017_pppoe.patch.sig"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
|
|
Several bugs in virtio(4) can lead to hangs with virtio devices, |
Several bugs in virtio(4) can lead to hangs with virtio devices, |
like vio(4) and vioblk(4). |
like vio(4) and vioblk(4). |
<br> |
<br> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/018_virtio.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/018_virtio.patch.sig"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
|
|
<br> |
<br> |
<a href="http://www.x.org/wiki/Development/Security/Advisory-2014-12-09/">X Advisory</a> |
<a href="http://www.x.org/wiki/Development/Security/Advisory-2014-12-09/">X Advisory</a> |
<br> |
<br> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/019_xserver.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/019_xserver.patch.sig"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
|
|
<br> |
<br> |
<a href="http://www.wangafu.net/~nickm/volatile/advisory.txt.asc">Libevent Advisory</a> |
<a href="http://www.wangafu.net/~nickm/volatile/advisory.txt.asc">Libevent Advisory</a> |
<br> |
<br> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/020_libevent.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/020_libevent.patch.sig"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
|
|
For more information, see the |
For more information, see the |
<a href="http://www.x.org/wiki/Development/Security/Advisory-2015-02-10/">X.org advisory</a>. |
<a href="http://www.x.org/wiki/Development/Security/Advisory-2015-02-10/">X.org advisory</a>. |
<br> |
<br> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/021_xserver.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/021_xserver.patch.sig"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
|
|
<i>All architectures</i><br> |
<i>All architectures</i><br> |
Another fix for buffer overflows in malformed fonts. |
Another fix for buffer overflows in malformed fonts. |
<br> |
<br> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/022_freetype.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/022_freetype.patch.sig"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
|
|
For more information, see the |
For more information, see the |
<a href="http://www.x.org/wiki/Development/Security/Advisory-2015-03-17/">X.org advisory</a>. |
<a href="http://www.x.org/wiki/Development/Security/Advisory-2015-03-17/">X.org advisory</a>. |
<br> |
<br> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/023_libxfont.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/023_libxfont.patch.sig"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<br>Note that the instructions should read <code>cd /usr/xenocara/lib/libXfont</code>. |
<br>Note that the instructions should read <code>cd /usr/xenocara/lib/libXfont</code>. |
<p> |
<p> |
|
|
For more information, see the |
For more information, see the |
<a href="https://www.openssl.org/news/secadv_20150319.txt">OpenSSL advisory</a>. |
<a href="https://www.openssl.org/news/secadv_20150319.txt">OpenSSL advisory</a>. |
<br> |
<br> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/024_openssl.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/024_openssl.patch.sig"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<br>Note that instructions should read <code>cd /usr/src/lib/libssl/crypto</code>. |
<br>Note that instructions should read <code>cd /usr/src/lib/libssl/crypto</code>. |
<p> |
<p> |
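Review bot: style point on the correction note in this entry, which reads "Note that instructions should read" while the libXfont entry above has "Note that the instructions should read". Neither revision changes it; aligning the two sentences would be a cheap cleanup in the same pass.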
|
|
Fix a logic error in smtpd handling of SNI. |
Fix a logic error in smtpd handling of SNI. |
This could allow a remote user to crash the server or provoke a disconnect of other sessions. |
This could allow a remote user to crash the server or provoke a disconnect of other sessions. |
<br> |
<br> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/025_smtpd.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/025_smtpd.patch.sig"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|