version 1.28, 2016/10/13 15:27:41 |
version 1.29, 2016/10/16 19:11:30 |
|
|
<br> |
<br> |
<hr> |
<hr> |
|
|
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9.tar.gz"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9.tar.gz"> |
You can also fetch a tar.gz file containing all the following patches</a>. |
You can also fetch a tar.gz file containing all the following patches</a>. |
This file is updated once a day. |
This file is updated once a day. |
<p> |
<p> |
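Review bot: the tarball link at the top of this region is the only download on the page that is not paired with a .sig link, unlike every individual patch entry below, so the http:// to https:// switch is the only integrity protection a reader gets on that path; consider linking the tarball's signature alongside it if one is published, or adding a sentence on how to verify the archive, so the daily-updated bundle is not the one unsigned fetch on an otherwise signed errata page.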
|
|
<li id="001_sshd"> |
<li id="001_sshd"> |
<font color="#009000"><strong>001: SECURITY FIX: March 10, 2016</strong></font> |
<font color="#009000"><strong>001: SECURITY FIX: March 10, 2016</strong></font> |
<i>All architectures</i><br> |
<i>All architectures</i><br> |
<a href="http://www.openssh.com/txt/x11fwd.adv"> |
<a href="https://www.openssh.com/txt/x11fwd.adv"> |
Lack of credential sanitization allows injection of commands to xauth(1).</a> |
Lack of credential sanitization allows injection of commands to xauth(1).</a> |
<br> |
<br> |
Prevent this problem immediately by not using the "X11Forwarding" feature |
Prevent this problem immediately by not using the "X11Forwarding" feature |
(which is disabled by default) |
(which is disabled by default) |
<br> |
<br> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/001_sshd.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/001_sshd.patch.sig"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
|
|
processing allow a local user to send UDP packets with a source |
processing allow a local user to send UDP packets with a source |
(IPv6 address + port) already reserved by another user. |
(IPv6 address + port) already reserved by another user. |
<br> |
<br> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/002_in6bind.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/002_in6bind.patch.sig"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
|
|
Incorrect path processing in pledge_namei() could result in unexpected |
Incorrect path processing in pledge_namei() could result in unexpected |
program termination of pledge(2)'d programs. |
program termination of pledge(2)'d programs. |
<br> |
<br> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/003_pledge.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/003_pledge.patch.sig"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
|
|
<i>All architectures</i><br> |
<i>All architectures</i><br> |
A problem in m_dup_pkt() can result in kernel crashes with carp(4). |
A problem in m_dup_pkt() can result in kernel crashes with carp(4). |
<br> |
<br> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/004_mbuf.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/004_mbuf.patch.sig"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
|
|
<li>EVP_EncryptUpdate overflow (CVE-2016-2106) |
<li>EVP_EncryptUpdate overflow (CVE-2016-2106) |
<li>ASN.1 BIO excessive memory allocation (CVE-2016-2109) |
<li>ASN.1 BIO excessive memory allocation (CVE-2016-2109) |
</ul> |
</ul> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/005_crypto.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/005_crypto.patch.sig"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
|
|
<li>Fix logic issue in smtp state machine that can lead to invalid state and result in crash. |
<li>Fix logic issue in smtp state machine that can lead to invalid state and result in crash. |
<li>Plug file pointer leak that can lead to resources exhaustion and result in crash. |
<li>Plug file pointer leak that can lead to resources exhaustion and result in crash. |
</ul> |
</ul> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/006_smtpd.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/006_smtpd.patch.sig"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
|
|
Insufficient checks in the uvideo(4) V4L2 ioctl handling leak kernel |
Insufficient checks in the uvideo(4) V4L2 ioctl handling leak kernel |
memory contents to a local user. |
memory contents to a local user. |
<br> |
<br> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/007_uvideo.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/007_uvideo.patch.sig"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
|
|
<i>All architectures</i><br> |
<i>All architectures</i><br> |
Fix issue in the bnx(4) ethernet driver that could cause data corruption. |
Fix issue in the bnx(4) ethernet driver that could cause data corruption. |
<br> |
<br> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/008_bnx.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/008_bnx.patch.sig"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
|
|
<i>All architectures</i><br> |
<i>All architectures</i><br> |
Fix a bug in the libcrypto library when parsing certain ASN.1 elements. |
Fix a bug in the libcrypto library when parsing certain ASN.1 elements. |
<br> |
<br> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/009_crypto.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/009_crypto.patch.sig"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
|
|
Fix issues in the libexpat library to prevent multiple integer and |
Fix issues in the libexpat library to prevent multiple integer and |
buffer overflows. |
buffer overflows. |
<br> |
<br> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/010_libexpat.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/010_libexpat.patch.sig"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
|
|
Correct a problem that prevents the DSA signing algorithm from running |
Correct a problem that prevents the DSA signing algorithm from running |
in constant time even if the flag BN_FLG_CONSTTIME is set. |
in constant time even if the flag BN_FLG_CONSTTIME is set. |
<br> |
<br> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/011_crypto.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/011_crypto.patch.sig"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
|
|
<i>All architectures</i><br> |
<i>All architectures</i><br> |
Correct a problem that could result in incorrect parsing/encoding of times in OCSP messages. |
Correct a problem that could result in incorrect parsing/encoding of times in OCSP messages. |
<br> |
<br> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/012_crypto.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/012_crypto.patch.sig"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
|
|
<i>All architectures</i><br> |
<i>All architectures</i><br> |
Splicing sockets in a loop could cause a kernel spin. |
Splicing sockets in a loop could cause a kernel spin. |
<br> |
<br> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/013_splice.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/013_splice.patch.sig"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
|
|
Multiple processes exiting with a fd-passing control message on a |
Multiple processes exiting with a fd-passing control message on a |
shared socket could crash the system. |
shared socket could crash the system. |
<br> |
<br> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/014_unp.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/014_unp.patch.sig"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
|
|
<i>All architectures</i><br> |
<i>All architectures</i><br> |
ufs_readdir failed to limit size of memory allocation, leading to panics. |
ufs_readdir failed to limit size of memory allocation, leading to panics. |
<br> |
<br> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/015_dirent.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/015_dirent.patch.sig"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
|
|
The mmap extension __MAP_NOFAULT could overcommit resources and crash |
The mmap extension __MAP_NOFAULT could overcommit resources and crash |
the system. |
the system. |
<br> |
<br> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/016_mmap.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/016_mmap.patch.sig"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
|
|
A race occuring in the unlocked ARP input path can lead to a kernel |
A race occuring in the unlocked ARP input path can lead to a kernel |
NULL dereference. |
NULL dereference. |
<br> |
<br> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/017_arp.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/017_arp.patch.sig"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
|
|
<i>All architectures</i><br> |
<i>All architectures</i><br> |
Tick counting overflows could cause a kernel crash. |
Tick counting overflows could cause a kernel crash. |
<br> |
<br> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/018_timeout.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/018_timeout.patch.sig"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
|
|
<i>All architectures</i><br> |
<i>All architectures</i><br> |
Invalid file descriptor use with kevent(2) could lead to a kernel crash. |
Invalid file descriptor use with kevent(2) could lead to a kernel crash. |
<br> |
<br> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/019_kevent.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/019_kevent.patch.sig"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
|
|
could cause malloc(9) to either not allocate enough memory, leading to memory |
could cause malloc(9) to either not allocate enough memory, leading to memory |
corruption, or to trigger a "malloc: allocation too large" panic. |
corruption, or to trigger a "malloc: allocation too large" panic. |
<br> |
<br> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/020_amap.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/020_amap.patch.sig"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
|
|
When signaling an error to an HTTP relay client, the connection can be |
When signaling an error to an HTTP relay client, the connection can be |
terminated prematurely, leading to a crash. |
terminated prematurely, leading to a crash. |
<br> |
<br> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/021_relayd.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/021_relayd.patch.sig"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
|
|
<br> |
<br> |
A missing NULL check in sysctl code results in a crash. |
A missing NULL check in sysctl code results in a crash. |
<br> |
<br> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/022_sysctl.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/022_sysctl.patch.sig"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
|
|
<br> |
<br> |
Missing overflow checks in uvm may result in panics. |
Missing overflow checks in uvm may result in panics. |
<br> |
<br> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/023_uvmisavail.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/023_uvmisavail.patch.sig"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
|
|
See the <a href="http://marc.info/?l=perl5-porters&m=146945269625067&w=2"> |
See the <a href="http://marc.info/?l=perl5-porters&m=146945269625067&w=2"> |
perl5-porters announcement</a> for details. |
perl5-porters announcement</a> for details. |
<br> |
<br> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/024_perl.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/024_perl.patch.sig"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
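Review bot: the marc.info link in this region (`See the <a href="http://marc.info/?l=perl5-porters&m=146945269625067&w=2">`) is left on plain http:// while every ftp.openbsd.org and openssh.com URL in this revision was moved to https://; check whether marc.info is reachable over https and switch it too, since a mixed-scheme page leaves this one reference open to the downgrade the rest of the change removes.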
|
|
|
|
Improve relayd's parsing of the Host-header by following RFC 7230 |
Improve relayd's parsing of the Host-header by following RFC 7230 |
Section 5.4 more strictly. |
Section 5.4 more strictly. |
<br> |
<br> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/025_relayd.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/025_relayd.patch.sig"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
|
|
<br> |
<br> |
Limit the number of wscons fonts that can be loaded into the kernel. |
Limit the number of wscons fonts that can be loaded into the kernel. |
<br> |
<br> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/026_wsfont.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/026_wsfont.patch.sig"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
|
|
Avoid unbounded memory growth in libssl, which can be triggered by a TLS |
Avoid unbounded memory growth in libssl, which can be triggered by a TLS |
client repeatedly renegotiating and sending OCSP Status Request TLS extensions. |
client repeatedly renegotiating and sending OCSP Status Request TLS extensions. |
<br> |
<br> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/027_libssl.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/027_libssl.patch.sig"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
|
|
<br> |
<br> |
Avoid falling back to a weak digest for (EC)DH when using SNI with libssl. |
Avoid falling back to a weak digest for (EC)DH when using SNI with libssl. |
<br> |
<br> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/028_libssl.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/028_libssl.patch.sig"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|
|
|
Fix a number of issues in the way various X client libraries handle |
Fix a number of issues in the way various X client libraries handle |
server responses. |
server responses. |
<br> |
<br> |
<a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/029_xorg_libs.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/029_xorg_libs.patch.sig"> |
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
|
|