Return to plus.html CVS log | Up to [local] / www |
version 1.886, 2003/09/10 15:52:47 | version 1.887, 2003/09/15 21:51:02 | ||
---|---|---|---|
|
|
||
<p> | <p> | ||
<h3><font color="#0000e0">We are working on OpenBSD-current.</font></h3><p> | <h3><font color="#0000e0">We are working on OpenBSD-current.</font></h3><p> | ||
The following list sums up (almost) all the changes made up to September 9. | The following list sums up (almost) all the changes made up to September 10. | ||
<p> | <p> | ||
<ul> | <ul> | ||
<!-- ^ 20030910 --> | <!-- ^ 20030910 --> | ||
<li>Fix the bounds check (and a potential int overflow) when setting <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sysctl&sektion=3">sysctl(3)</a> values kern.seminfo.{semmns,semmsl}. | <li><font color="#e00000"><strong>SECURITY FIX: Root may be able to reduce the security level by taking advantage of an integer overflow when the semaphore limits are made very large.</strong></font><br> | ||
<a href="errata.html#sysvsem">A source code patch is available</a>.<br> | |||
<a href="stable.html"><font color="#00b000">[Applied to stable]</font></a> | |||
<li>Pass -a to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=fgrep&sektion=1">fgrep(1)</a> in Texinfo to make sure info files don't get treated as binary. | <li>Pass -a to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=fgrep&sektion=1">fgrep(1)</a> in Texinfo to make sure info files don't get treated as binary. | ||
<li>Have <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=grep&sektion=1">grep(1)</a> check for the correct error value from <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=mmap&sektion=2">mmap(2)</a>, fixing a crash. | <li>Have <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=grep&sektion=1">grep(1)</a> check for the correct error value from <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=mmap&sektion=2">mmap(2)</a>, fixing a crash. | ||
<!-- ^ 20030909 --> | <!-- ^ 20030909 --> |