=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/errata57.html,v retrieving revision 1.44 retrieving revision 1.45 diff -c -r1.44 -r1.45 *** www/errata57.html 2017/03/28 04:04:52 1.44 --- www/errata57.html 2017/03/28 06:41:18 1.45 *************** *** 71,77 ****

Patches for the OpenBSD base system are distributed as unified diffs. Each patch is cryptographically signed with the ! signify(1) tool and contains usage instructions. All the following patches are also available in one tar.gz file --- 71,77 ----

001: INSTALL ISSUE: May 1, 2015 sparc64
The "miniroot" install method is broken (related to the addition of --- 85,91 ----
- 001: INSTALL ISSUE: May 1, 2015 sparc64
  The "miniroot" install method is broken (related to the addition of *************** *** 95,101 **** No patch is available for obvious reasons, so use a different install method.
  !
- 002: SECURITY FIX: March 18, 2015 All architectures
  Buffer overflows in libXfont --- 95,101 ---- No patch is available for obvious reasons, so use a different install method.
  !
- 002: SECURITY FIX: March 18, 2015 All architectures
  Buffer overflows in libXfont *************** *** 108,114 ****
  Note that the instructions should read cd /usr/xenocara/lib/libXfont.
  !
- 003: SECURITY FIX: March 19, 2015 All architectures
  Fix several crash causing defects from OpenSSL.
  --- 108,114 ----
  Note that the instructions should read cd /usr/xenocara/lib/libXfont.
  !
- 003: SECURITY FIX: March 19, 2015 All architectures
  Fix several crash causing defects from OpenSSL.
  *************** *** 127,133 **** A source code patch exists which remedies this problem.
  !
- 004: RELIABILITY FIX: April 17, 2015 All architectures
  Fix a logic error in smtpd handling of SNI. --- 127,133 ---- A source code patch exists which remedies this problem.
  !
- 004: RELIABILITY FIX: April 17, 2015 All architectures
  Fix a logic error in smtpd handling of SNI. *************** *** 137,143 **** A source code patch exists which remedies this problem.
  !
- 005: RELIABILITY FIX: April 30, 2015 All architectures
  A remote user can crash httpd by forcing the daemon to log to a file --- 137,143 ---- A source code patch exists which remedies this problem.
  !
- 005: RELIABILITY FIX: April 30, 2015 All architectures
  A remote user can crash httpd by forcing the daemon to log to a file *************** *** 147,153 **** A source code patch exists which remedies this problem.
  !
- 006: SECURITY FIX: April 30, 2015 All architectures
  Malformed binaries could trigger kernel panics or view kernel memory. --- 147,153 ---- A source code patch exists which remedies this problem.
  !
- 006: SECURITY FIX: April 30, 2015 All architectures
  Malformed binaries could trigger kernel panics or view kernel memory. *************** *** 156,162 **** A source code patch exists which remedies this problem.
  !
- 007: SECURITY FIX: April 30, 2015 All architectures
  Multiple issues in tar/pax/cpio: --- 156,162 ---- A source code patch exists which remedies this problem.
  !
- 007: SECURITY FIX: April 30, 2015 All architectures
  Multiple issues in tar/pax/cpio: *************** *** 171,177 **** A source code patch exists which remedies this problem.
  !
- 008: RELIABILITY FIX: June 11, 2015 All architectures
  Fix multiple reliability issues in smtpd: --- 171,177 ---- A source code patch exists which remedies this problem.
  !
- 008: RELIABILITY FIX: June 11, 2015 All architectures
  Fix multiple reliability issues in smtpd: *************** *** 183,189 **** A source code patch exists which remedies this problem.
  !
- 009: SECURITY FIX: June 11, 2015 All architectures
  Fix several defects from OpenSSL: --- 183,189 ---- A source code patch exists which remedies this problem.
  !
- 009: SECURITY FIX: June 11, 2015 All architectures
  Fix several defects from OpenSSL: *************** *** 201,207 **** A source code patch exists which remedies this problem.
  !
- 010: SECURITY FIX: July 14, 2015 All architectures
  A TCP socket can become confused and not properly cleanup resources. --- 201,207 ---- A source code patch exists which remedies this problem.
  !
- 010: SECURITY FIX: July 14, 2015 All architectures
  A TCP socket can become confused and not properly cleanup resources. *************** *** 210,216 **** A source code patch exists which remedies this problem.
  !
- 011: RELIABILITY FIX: July 26, 2015 All architectures
  A kernel memory leak could be triggered by an unprivileged user in --- 210,216 ---- A source code patch exists which remedies this problem.
  !
- 011: RELIABILITY FIX: July 26, 2015 All architectures
  A kernel memory leak could be triggered by an unprivileged user in *************** *** 220,226 **** A source code patch exists which remedies this problem.
  !
- 012: SECURITY FIX: July 26, 2015 All architectures
  The patch utility could be made to invoke arbitrary commands via --- 220,226 ---- A source code patch exists which remedies this problem.
  !
- 012: SECURITY FIX: July 26, 2015 All architectures
  The patch utility could be made to invoke arbitrary commands via *************** *** 231,237 **** A source code patch exists which remedies this problem.
  !
- 013: SECURITY FIX: July 30, 2015 All architectures
  The patch utility could become desyncronized processing ed(1)-style diffs. --- 231,237 ---- A source code patch exists which remedies this problem.
  !
- 013: SECURITY FIX: July 30, 2015 All architectures
  The patch utility could become desyncronized processing ed(1)-style diffs. *************** *** 240,246 **** A source code patch exists which remedies this problem.
  !
- 014: SECURITY FIX: August 16, 2015 All architectures
  A change to sshd resulted in incorrect permissions being applied to pseudo --- 240,246 ---- A source code patch exists which remedies this problem.
  !
- 014: SECURITY FIX: August 16, 2015 All architectures
  A change to sshd resulted in incorrect permissions being applied to pseudo *************** *** 250,256 **** A source code patch exists which remedies this problem.
  !
- 015: RELIABILITY FIX: September 28, 2015 All architectures
  Various problems were identified in relayd and merged back from --- 250,256 ---- A source code patch exists which remedies this problem.
  !
- 015: RELIABILITY FIX: September 28, 2015 All architectures
  Various problems were identified in relayd and merged back from *************** *** 260,266 **** A source code patch exists which remedies this problem.
  !
- 016: RELIABILITY FIX: September 28, 2015 All architectures
  An incorrect operation in uvm could result in system panics. --- 260,266 ---- A source code patch exists which remedies this problem.
  !
- 016: RELIABILITY FIX: September 28, 2015 All architectures
  An incorrect operation in uvm could result in system panics. *************** *** 269,275 **** A source code patch exists which remedies this problem.
  !
- 017: SECURITY FIX: October 1, 2015 All architectures
  Fix multiple reliability and security issues in smtpd:
  --- 269,275 ---- A source code patch exists which remedies this problem.
  !
- 017: SECURITY FIX: October 1, 2015 All architectures
  Fix multiple reliability and security issues in smtpd:
  *************** *** 288,294 **** A source code patch exists which remedies this problem.
  !
- 018: RELIABILITY FIX: October 14, 2015 All architectures
  A problem with timer kevents could result in a kernel hang (local denial --- 288,294 ---- A source code patch exists which remedies this problem.
  !
- 018: RELIABILITY FIX: October 14, 2015 All architectures
  A problem with timer kevents could result in a kernel hang (local denial *************** *** 297,303 **** A source code patch exists which remedies this problem.
  !
- 019: RELIABILITY FIX: October 15, 2015 All architectures
  The OBJ_obj2txt function in libcrypto contains a one byte buffer overrun --- 297,303 ---- A source code patch exists which remedies this problem.
  !
- 019: RELIABILITY FIX: October 15, 2015 All architectures
  The OBJ_obj2txt function in libcrypto contains a one byte buffer overrun *************** *** 306,312 **** A source code patch exists which remedies this problem.
  !
- 020: RELIABILITY FIX: November 9, 2015 All architectures
  Insufficient validation of RSN element group cipher values in 802.11 --- 306,312 ---- A source code patch exists which remedies this problem.
  !
- 020: RELIABILITY FIX: November 9, 2015 All architectures
  Insufficient validation of RSN element group cipher values in 802.11 *************** *** 315,321 **** A source code patch exists which remedies this problem.
  !
- 021: RELIABILITY FIX: Dec 3, 2015 All architectures
  A NULL pointer deference could be triggered by a crafted certificate sent to --- 315,321 ---- A source code patch exists which remedies this problem.
  !
- 021: RELIABILITY FIX: Dec 3, 2015 All architectures
  A NULL pointer deference could be triggered by a crafted certificate sent to *************** *** 324,330 **** A source code patch exists which remedies this problem.
  !
- 022: SECURITY FIX: January 14, 2016 All architectures
  Experimental roaming code in the ssh client could be tricked by a hostile sshd --- 324,330 ---- A source code patch exists which remedies this problem.
  !
- 022: SECURITY FIX: January 14, 2016 All architectures
  Experimental roaming code in the ssh client could be tricked by a hostile sshd *************** *** 337,343 **** A source code patch exists which remedies this problem.
  !
- 023: SECURITY FIX: March 10, 2016 All architectures
  --- 337,343 ---- A source code patch exists which remedies this problem.
  !
- 023: SECURITY FIX: March 10, 2016 All architectures
  *************** *** 350,356 **** A source code patch exists which remedies this problem.
  !
- 024: SECURITY FIX: March 16, 2016 All architectures
  Insufficient checks in IPv6 socket binding and UDP IPv6 option --- 350,356 ---- A source code patch exists which remedies this problem.
  !
- 024: SECURITY FIX: March 16, 2016 All architectures
  Insufficient checks in IPv6 socket binding and UDP IPv6 option