| version 1.28, 2016/10/13 15:27:41 |
version 1.29, 2016/10/16 19:11:30 |
|
|
| <br> |
<br> |
| <hr> |
<hr> |
| |
|
| <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9.tar.gz"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9.tar.gz"> |
| You can also fetch a tar.gz file containing all the following patches</a>. |
You can also fetch a tar.gz file containing all the following patches</a>. |
| This file is updated once a day. |
This file is updated once a day. |
| <p> |
<p> |
|
|
| <li id="001_sshd"> |
<li id="001_sshd"> |
| <font color="#009000"><strong>001: SECURITY FIX: March 10, 2016</strong></font> |
<font color="#009000"><strong>001: SECURITY FIX: March 10, 2016</strong></font> |
| <i>All architectures</i><br> |
<i>All architectures</i><br> |
| <a href="http://www.openssh.com/txt/x11fwd.adv"> |
<a href="https://www.openssh.com/txt/x11fwd.adv"> |
| Lack of credential sanitization allows injection of commands to xauth(1).</a> |
Lack of credential sanitization allows injection of commands to xauth(1).</a> |
| <br> |
<br> |
| Prevent this problem immediately by not using the "X11Forwarding" feature |
Prevent this problem immediately by not using the "X11Forwarding" feature |
| (which is disabled by default) |
(which is disabled by default) |
| <br> |
<br> |
| <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/001_sshd.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/001_sshd.patch.sig"> |
| A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
| <p> |
<p> |
| |
|
|
|
| processing allow a local user to send UDP packets with a source |
processing allow a local user to send UDP packets with a source |
| (IPv6 address + port) already reserved by another user. |
(IPv6 address + port) already reserved by another user. |
| <br> |
<br> |
| <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/002_in6bind.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/002_in6bind.patch.sig"> |
| A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
| <p> |
<p> |
| |
|
|
|
| Incorrect path processing in pledge_namei() could result in unexpected |
Incorrect path processing in pledge_namei() could result in unexpected |
| program termination of pledge(2)'d programs. |
program termination of pledge(2)'d programs. |
| <br> |
<br> |
| <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/003_pledge.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/003_pledge.patch.sig"> |
| A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
| <p> |
<p> |
| |
|
|
|
| <i>All architectures</i><br> |
<i>All architectures</i><br> |
| A problem in m_dup_pkt() can result in kernel crashes with carp(4). |
A problem in m_dup_pkt() can result in kernel crashes with carp(4). |
| <br> |
<br> |
| <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/004_mbuf.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/004_mbuf.patch.sig"> |
| A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
| <p> |
<p> |
| |
|
|
|
| <li>EVP_EncryptUpdate overflow (CVE-2016-2106) |
<li>EVP_EncryptUpdate overflow (CVE-2016-2106) |
| <li>ASN.1 BIO excessive memory allocation (CVE-2016-2109) |
<li>ASN.1 BIO excessive memory allocation (CVE-2016-2109) |
| </ul> |
</ul> |
| <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/005_crypto.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/005_crypto.patch.sig"> |
| A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
| <p> |
<p> |
| |
|
|
|
| <li>Fix logic issue in smtp state machine that can lead to invalid state and result in crash. |
<li>Fix logic issue in smtp state machine that can lead to invalid state and result in crash. |
| <li>Plug file pointer leak that can lead to resources exhaustion and result in crash. |
<li>Plug file pointer leak that can lead to resources exhaustion and result in crash. |
| </ul> |
</ul> |
| <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/006_smtpd.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/006_smtpd.patch.sig"> |
| A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
| <p> |
<p> |
| |
|
|
|
| Insufficient checks in the uvideo(4) V4L2 ioctl handling leak kernel |
Insufficient checks in the uvideo(4) V4L2 ioctl handling leak kernel |
| memory contents to a local user. |
memory contents to a local user. |
| <br> |
<br> |
| <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/007_uvideo.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/007_uvideo.patch.sig"> |
| A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
| <p> |
<p> |
| |
|
|
|
| <i>All architectures</i><br> |
<i>All architectures</i><br> |
| Fix issue in the bnx(4) ethernet driver that could cause data corruption. |
Fix issue in the bnx(4) ethernet driver that could cause data corruption. |
| <br> |
<br> |
| <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/008_bnx.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/008_bnx.patch.sig"> |
| A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
| <p> |
<p> |
| |
|
|
|
| <i>All architectures</i><br> |
<i>All architectures</i><br> |
| Fix a bug in the libcrypto library when parsing certain ASN.1 elements. |
Fix a bug in the libcrypto library when parsing certain ASN.1 elements. |
| <br> |
<br> |
| <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/009_crypto.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/009_crypto.patch.sig"> |
| A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
| <p> |
<p> |
| |
|
|
|
| Fix issues in the libexpat library to prevent multiple integer and |
Fix issues in the libexpat library to prevent multiple integer and |
| buffer overflows. |
buffer overflows. |
| <br> |
<br> |
| <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/010_libexpat.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/010_libexpat.patch.sig"> |
| A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
| <p> |
<p> |
| |
|
|
|
| Correct a problem that prevents the DSA signing algorithm from running |
Correct a problem that prevents the DSA signing algorithm from running |
| in constant time even if the flag BN_FLG_CONSTTIME is set. |
in constant time even if the flag BN_FLG_CONSTTIME is set. |
| <br> |
<br> |
| <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/011_crypto.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/011_crypto.patch.sig"> |
| A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
| <p> |
<p> |
| |
|
|
|
| <i>All architectures</i><br> |
<i>All architectures</i><br> |
| Correct a problem that could result in incorrect parsing/encoding of times in OCSP messages. |
Correct a problem that could result in incorrect parsing/encoding of times in OCSP messages. |
| <br> |
<br> |
| <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/012_crypto.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/012_crypto.patch.sig"> |
| A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
| <p> |
<p> |
| |
|
|
|
| <i>All architectures</i><br> |
<i>All architectures</i><br> |
| Splicing sockets in a loop could cause a kernel spin. |
Splicing sockets in a loop could cause a kernel spin. |
| <br> |
<br> |
| <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/013_splice.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/013_splice.patch.sig"> |
| A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
| <p> |
<p> |
| |
|
|
|
| Multiple processes exiting with a fd-passing control message on a |
Multiple processes exiting with a fd-passing control message on a |
| shared socket could crash the system. |
shared socket could crash the system. |
| <br> |
<br> |
| <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/014_unp.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/014_unp.patch.sig"> |
| A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
| <p> |
<p> |
| |
|
|
|
| <i>All architectures</i><br> |
<i>All architectures</i><br> |
| ufs_readdir failed to limit size of memory allocation, leading to panics. |
ufs_readdir failed to limit size of memory allocation, leading to panics. |
| <br> |
<br> |
| <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/015_dirent.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/015_dirent.patch.sig"> |
| A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
| <p> |
<p> |
| |
|
|
|
| The mmap extension __MAP_NOFAULT could overcommit resources and crash |
The mmap extension __MAP_NOFAULT could overcommit resources and crash |
| the system. |
the system. |
| <br> |
<br> |
| <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/016_mmap.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/016_mmap.patch.sig"> |
| A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
| <p> |
<p> |
| |
|
|
|
| A race occuring in the unlocked ARP input path can lead to a kernel |
A race occuring in the unlocked ARP input path can lead to a kernel |
| NULL dereference. |
NULL dereference. |
| <br> |
<br> |
| <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/017_arp.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/017_arp.patch.sig"> |
| A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
| <p> |
<p> |
| |
|
|
|
| <i>All architectures</i><br> |
<i>All architectures</i><br> |
| Tick counting overflows could cause a kernel crash. |
Tick counting overflows could cause a kernel crash. |
| <br> |
<br> |
| <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/018_timeout.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/018_timeout.patch.sig"> |
| A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
| <p> |
<p> |
| |
|
|
|
| <i>All architectures</i><br> |
<i>All architectures</i><br> |
| Invalid file descriptor use with kevent(2) could lead to a kernel crash. |
Invalid file descriptor use with kevent(2) could lead to a kernel crash. |
| <br> |
<br> |
| <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/019_kevent.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/019_kevent.patch.sig"> |
| A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
| <p> |
<p> |
| |
|
|
|
| could cause malloc(9) to either not allocate enough memory, leading to memory |
could cause malloc(9) to either not allocate enough memory, leading to memory |
| corruption, or to trigger a "malloc: allocation too large" panic. |
corruption, or to trigger a "malloc: allocation too large" panic. |
| <br> |
<br> |
| <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/020_amap.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/020_amap.patch.sig"> |
| A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
| <p> |
<p> |
| |
|
|
|
| When signaling an error to an HTTP relay client, the connection can be |
When signaling an error to an HTTP relay client, the connection can be |
| terminated prematurely, leading to a crash. |
terminated prematurely, leading to a crash. |
| <br> |
<br> |
| <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/021_relayd.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/021_relayd.patch.sig"> |
| A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
| <p> |
<p> |
| |
|
|
|
| <br> |
<br> |
| A missing NULL check in sysctl code results in a crash. |
A missing NULL check in sysctl code results in a crash. |
| <br> |
<br> |
| <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/022_sysctl.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/022_sysctl.patch.sig"> |
| A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
| <p> |
<p> |
| |
|
|
|
| <br> |
<br> |
| Missing overflow checks in uvm may result in panics. |
Missing overflow checks in uvm may result in panics. |
| <br> |
<br> |
| <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/023_uvmisavail.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/023_uvmisavail.patch.sig"> |
| A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
| <p> |
<p> |
| |
|
|
|
| See the <a href="http://marc.info/?l=perl5-porters&m=146945269625067&w=2"> |
See the <a href="http://marc.info/?l=perl5-porters&m=146945269625067&w=2"> |
| perl5-porters announcement</a> for details. |
perl5-porters announcement</a> for details. |
| <br> |
<br> |
| <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/024_perl.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/024_perl.patch.sig"> |
| A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
| <p> |
<p> |
| |
|
|
|
| Improve relayd's parsing of the Host-header by following RFC 7230 |
Improve relayd's parsing of the Host-header by following RFC 7230 |
| Section 5.4 more strictly. |
Section 5.4 more strictly. |
| <br> |
<br> |
| <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/025_relayd.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/025_relayd.patch.sig"> |
| A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
| <p> |
<p> |
| |
|
|
|
| <br> |
<br> |
| Limit the number of wscons fonts that can be loaded into the kernel. |
Limit the number of wscons fonts that can be loaded into the kernel. |
| <br> |
<br> |
| <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/026_wsfont.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/026_wsfont.patch.sig"> |
| A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
| <p> |
<p> |
| |
|
|
|
| Avoid unbounded memory growth in libssl, which can be triggered by a TLS |
Avoid unbounded memory growth in libssl, which can be triggered by a TLS |
| client repeatedly renegotiating and sending OCSP Status Request TLS extensions. |
client repeatedly renegotiating and sending OCSP Status Request TLS extensions. |
| <br> |
<br> |
| <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/027_libssl.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/027_libssl.patch.sig"> |
| A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
| <p> |
<p> |
| |
|
|
|
| <br> |
<br> |
| Avoid falling back to a weak digest for (EC)DH when using SNI with libssl. |
Avoid falling back to a weak digest for (EC)DH when using SNI with libssl. |
| <br> |
<br> |
| <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/028_libssl.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/028_libssl.patch.sig"> |
| A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
| <p> |
<p> |
| |
|
|
|
| Fix a number of issues in the way various X client libraries handle |
Fix a number of issues in the way various X client libraries handle |
| server responses. |
server responses. |
| <br> |
<br> |
| <a href="http://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/029_xorg_libs.patch.sig"> |
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/029_xorg_libs.patch.sig"> |
| A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
| <p> |
<p> |
| |
|
![[BACK]](/icons/back.gif){kind=icon}
Return to errata59.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www