===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata57.html,v
retrieving revision 1.44
retrieving revision 1.45
diff -c -r1.44 -r1.45
*** www/errata57.html 2017/03/28 04:04:52 1.44
--- www/errata57.html 2017/03/28 06:41:18 1.45
***************
*** 71,77 ****
Patches for the OpenBSD base system are distributed as unified diffs.
Each patch is cryptographically signed with the
! signify(1) tool and contains
usage instructions.
All the following patches are also available in one
tar.gz file
--- 71,77 ----
Patches for the OpenBSD base system are distributed as unified diffs.
Each patch is cryptographically signed with the
! signify(1) tool and contains
usage instructions.
All the following patches are also available in one
tar.gz file
***************
*** 85,91 ****
! -
001: INSTALL ISSUE: May 1, 2015
sparc64
The "miniroot" install method is broken (related to the addition of
--- 85,91 ----
! -
001: INSTALL ISSUE: May 1, 2015
sparc64
The "miniroot" install method is broken (related to the addition of
***************
*** 95,101 ****
No patch is available for obvious reasons, so use a different install method.
!
-
002: SECURITY FIX: March 18, 2015
All architectures
Buffer overflows in libXfont
--- 95,101 ----
No patch is available for obvious reasons, so use a different install method.
!
-
002: SECURITY FIX: March 18, 2015
All architectures
Buffer overflows in libXfont
***************
*** 108,114 ****
Note that the instructions should read cd /usr/xenocara/lib/libXfont
.
!
-
003: SECURITY FIX: March 19, 2015
All architectures
Fix several crash causing defects from OpenSSL.
--- 108,114 ----
Note that the instructions should read cd /usr/xenocara/lib/libXfont
.
!
-
003: SECURITY FIX: March 19, 2015
All architectures
Fix several crash causing defects from OpenSSL.
***************
*** 127,133 ****
A source code patch exists which remedies this problem.
!
-
004: RELIABILITY FIX: April 17, 2015
All architectures
Fix a logic error in smtpd handling of SNI.
--- 127,133 ----
A source code patch exists which remedies this problem.
!
-
004: RELIABILITY FIX: April 17, 2015
All architectures
Fix a logic error in smtpd handling of SNI.
***************
*** 137,143 ****
A source code patch exists which remedies this problem.
!
-
005: RELIABILITY FIX: April 30, 2015
All architectures
A remote user can crash httpd by forcing the daemon to log to a file
--- 137,143 ----
A source code patch exists which remedies this problem.
!
-
005: RELIABILITY FIX: April 30, 2015
All architectures
A remote user can crash httpd by forcing the daemon to log to a file
***************
*** 147,153 ****
A source code patch exists which remedies this problem.
!
-
006: SECURITY FIX: April 30, 2015
All architectures
Malformed binaries could trigger kernel panics or view kernel memory.
--- 147,153 ----
A source code patch exists which remedies this problem.
!
-
006: SECURITY FIX: April 30, 2015
All architectures
Malformed binaries could trigger kernel panics or view kernel memory.
***************
*** 156,162 ****
A source code patch exists which remedies this problem.
!
-
007: SECURITY FIX: April 30, 2015
All architectures
Multiple issues in tar/pax/cpio:
--- 156,162 ----
A source code patch exists which remedies this problem.
!
-
007: SECURITY FIX: April 30, 2015
All architectures
Multiple issues in tar/pax/cpio:
***************
*** 171,177 ****
A source code patch exists which remedies this problem.
!
-
008: RELIABILITY FIX: June 11, 2015
All architectures
Fix multiple reliability issues in smtpd:
--- 171,177 ----
A source code patch exists which remedies this problem.
!
-
008: RELIABILITY FIX: June 11, 2015
All architectures
Fix multiple reliability issues in smtpd:
***************
*** 183,189 ****
A source code patch exists which remedies this problem.
!
-
009: SECURITY FIX: June 11, 2015
All architectures
Fix several defects from OpenSSL:
--- 183,189 ----
A source code patch exists which remedies this problem.
!
-
009: SECURITY FIX: June 11, 2015
All architectures
Fix several defects from OpenSSL:
***************
*** 201,207 ****
A source code patch exists which remedies this problem.
!
-
010: SECURITY FIX: July 14, 2015
All architectures
A TCP socket can become confused and not properly cleanup resources.
--- 201,207 ----
A source code patch exists which remedies this problem.
!
-
010: SECURITY FIX: July 14, 2015
All architectures
A TCP socket can become confused and not properly cleanup resources.
***************
*** 210,216 ****
A source code patch exists which remedies this problem.
!
-
011: RELIABILITY FIX: July 26, 2015
All architectures
A kernel memory leak could be triggered by an unprivileged user in
--- 210,216 ----
A source code patch exists which remedies this problem.
!
-
011: RELIABILITY FIX: July 26, 2015
All architectures
A kernel memory leak could be triggered by an unprivileged user in
***************
*** 220,226 ****
A source code patch exists which remedies this problem.
!
-
012: SECURITY FIX: July 26, 2015
All architectures
The patch utility could be made to invoke arbitrary commands via
--- 220,226 ----
A source code patch exists which remedies this problem.
!
-
012: SECURITY FIX: July 26, 2015
All architectures
The patch utility could be made to invoke arbitrary commands via
***************
*** 231,237 ****
A source code patch exists which remedies this problem.
!
-
013: SECURITY FIX: July 30, 2015
All architectures
The patch utility could become desyncronized processing ed(1)-style diffs.
--- 231,237 ----
A source code patch exists which remedies this problem.
!
-
013: SECURITY FIX: July 30, 2015
All architectures
The patch utility could become desyncronized processing ed(1)-style diffs.
***************
*** 240,246 ****
A source code patch exists which remedies this problem.
!
-
014: SECURITY FIX: August 16, 2015
All architectures
A change to sshd resulted in incorrect permissions being applied to pseudo
--- 240,246 ----
A source code patch exists which remedies this problem.
!
-
014: SECURITY FIX: August 16, 2015
All architectures
A change to sshd resulted in incorrect permissions being applied to pseudo
***************
*** 250,256 ****
A source code patch exists which remedies this problem.
!
-
015: RELIABILITY FIX: September 28, 2015
All architectures
Various problems were identified in relayd and merged back from
--- 250,256 ----
A source code patch exists which remedies this problem.
!
-
015: RELIABILITY FIX: September 28, 2015
All architectures
Various problems were identified in relayd and merged back from
***************
*** 260,266 ****
A source code patch exists which remedies this problem.
!
-
016: RELIABILITY FIX: September 28, 2015
All architectures
An incorrect operation in uvm could result in system panics.
--- 260,266 ----
A source code patch exists which remedies this problem.
!
-
016: RELIABILITY FIX: September 28, 2015
All architectures
An incorrect operation in uvm could result in system panics.
***************
*** 269,275 ****
A source code patch exists which remedies this problem.
!
-
017: SECURITY FIX: October 1, 2015
All architectures
Fix multiple reliability and security issues in smtpd:
--- 269,275 ----
A source code patch exists which remedies this problem.
!
-
017: SECURITY FIX: October 1, 2015
All architectures
Fix multiple reliability and security issues in smtpd:
***************
*** 288,294 ****
A source code patch exists which remedies this problem.
!
-
018: RELIABILITY FIX: October 14, 2015
All architectures
A problem with timer kevents could result in a kernel hang (local denial
--- 288,294 ----
A source code patch exists which remedies this problem.
!
-
018: RELIABILITY FIX: October 14, 2015
All architectures
A problem with timer kevents could result in a kernel hang (local denial
***************
*** 297,303 ****
A source code patch exists which remedies this problem.
!
-
019: RELIABILITY FIX: October 15, 2015
All architectures
The OBJ_obj2txt function in libcrypto contains a one byte buffer overrun
--- 297,303 ----
A source code patch exists which remedies this problem.
!
-
019: RELIABILITY FIX: October 15, 2015
All architectures
The OBJ_obj2txt function in libcrypto contains a one byte buffer overrun
***************
*** 306,312 ****
A source code patch exists which remedies this problem.
!
-
020: RELIABILITY FIX: November 9, 2015
All architectures
Insufficient validation of RSN element group cipher values in 802.11
--- 306,312 ----
A source code patch exists which remedies this problem.
!
-
020: RELIABILITY FIX: November 9, 2015
All architectures
Insufficient validation of RSN element group cipher values in 802.11
***************
*** 315,321 ****
A source code patch exists which remedies this problem.
!
-
021: RELIABILITY FIX: Dec 3, 2015
All architectures
A NULL pointer deference could be triggered by a crafted certificate sent to
--- 315,321 ----
A source code patch exists which remedies this problem.
!
-
021: RELIABILITY FIX: Dec 3, 2015
All architectures
A NULL pointer deference could be triggered by a crafted certificate sent to
***************
*** 324,330 ****
A source code patch exists which remedies this problem.
!
-
022: SECURITY FIX: January 14, 2016
All architectures
Experimental roaming code in the ssh client could be tricked by a hostile sshd
--- 324,330 ----
A source code patch exists which remedies this problem.
!
-
022: SECURITY FIX: January 14, 2016
All architectures
Experimental roaming code in the ssh client could be tricked by a hostile sshd
***************
*** 337,343 ****
A source code patch exists which remedies this problem.
!
-
023: SECURITY FIX: March 10, 2016
All architectures
--- 337,343 ----
A source code patch exists which remedies this problem.
!
-
023: SECURITY FIX: March 10, 2016
All architectures
***************
*** 350,356 ****
A source code patch exists which remedies this problem.
!
-
024: SECURITY FIX: March 16, 2016
All architectures
Insufficient checks in IPv6 socket binding and UDP IPv6 option
--- 350,356 ----
A source code patch exists which remedies this problem.
!
-
024: SECURITY FIX: March 16, 2016
All architectures
Insufficient checks in IPv6 socket binding and UDP IPv6 option