version 1.838, 2002/08/02 23:22:24 |
version 1.839, 2002/08/16 00:16:44 |
|
|
|
|
<p> |
<p> |
<h3><font color=#0000e0>We are working on OpenBSD-current.</font></h3><p> |
<h3><font color=#0000e0>We are working on OpenBSD-current.</font></h3><p> |
The following list sums up (almost) all the changes made up to August 1. |
The following list sums up (almost) all the changes made up to August 10. |
<ul> |
<ul> |
|
|
|
<!-- ^^^ 20020811 --> |
|
<li><font color="#e00000"><strong>SECURITY FIX: An insufficient boundary check in the <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=select&sektion=2">select(2)</a> and <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=poll&sektion=2">poll(2)</a> system calls allows an attacker to overwrite kernel memory and execute arbitrary code in kernel context.</strong></font><br> |
|
<a href="errata.html#scarg">A source code patch is available</a>.<br> |
|
<a href="stable.html"><font color=#00b000>[Applied to stable]</font></a> |
|
<!-- ^^^ 20020810 --> |
|
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=raid&sektion=4">raid(4)</a> no longer gets loud at boot time unless option RAIDDEBUG is used. |
|
<li>Sink a few bugs in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=bs&sektion=6">bs(6)</a>. |
|
<!-- ^^^ 20020809 --> |
|
<li>Fix raw socket translation for Linux compatibility mode. |
|
<li>Properly clear the argument list in pmdb. |
|
<li>Die on fd_set overrun in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=mtrace&sektion=8">mtrace(8)</a>, <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=map-mbone&sektion=8">map-mbone(8)</a> and <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=mrouted&sektion=8">mrouted(8)</a> (not built by default.) |
|
<li>When emulating Linux, don't have accept()ed sockets inherit flags from the listen socket. |
|
<li>Fix snprintf length in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=syslogd&sektion=8">syslogd(8)</a>. |
|
<li>Correct a sizeof bug in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=photurisd&sektion=8">photurisd(8)</a>. |
|
<li>Tweak IFF_PROMISC handling in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=wi&sektion=4">wi(4)</a> to avoid some unnecessary initialisations. |
|
<li>Fix a potential off-by-one in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ld.so&sektion=1">ld.so(1)</a> that could cause mmap breakage on some architectures. |
|
<li>Make insertion of data into socket buffers run in constant time, a huge win especially with large buffers. |
|
<li>Relax slightly the conditions under which a TCP SYN packet will trigger the sequence number modulator. Handy for systems with ECN stacks. |
|
<li>Fix a number of && -> & bit-test typos in OpenSSH (v1 RSA key use,) <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=routed&sektion=8">routed(8)</a>, <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pic&sektion=1">pic(1)</a>, <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=fvwm&sektion=1">fvwm(1)</a> and a few in the kernel. |
|
<li>Add a couple of missing <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=open&sektion=2">open(2)</a> mode args in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=afsd&sektion=8">afsd(8)</a> and <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=msgs&sektion=1">msgs(1)</a>. |
|
<!-- ^^^ 20020808 --> |
|
<li>Improve TX interrupt handing in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=be&sektion=4&arch=sparc">be(4/SPARC,4/SPARC64)</a>. |
|
<li>Fixes to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=mrinfo&sektion=8">mrinfo(8)</a> (this isn't built by default.) |
|
<li>Improve <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=systrace&sektion=1">systrace(1)</a>'s handling of interrupted system calls. |
|
<li>Fix a free-in-caught-alloc-failure-block (!) in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ohci&sektion=4">ohci(4)</a>. |
|
<li>Rewrite the CRL support in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=isakmpd&sektion=8">isakmpd(8)</a>. Check for OpenSSL >= 0.9.7, the earliest supported version for now. |
|
<!-- ^^^ 20020807 --> |
|
<li>Retrofit the new early privilege revocation code to the old X servers. |
|
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=xlock&sektion=1">xlock(1)</a> defaults to blank mode (rather than random mode.) Also remove bomb mode altogether, to the annoyance of noone. |
|
<li>Several fixes to the <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=hme&sektion=4&arch=sparc">hme(4/SPARC, 4/SPARC64)</a> driver. |
|
<li>Restore struct link_map ABI compatibility between ld.so and gdb, broken by the split of link.h into separate MI, ELF and a.out files. |
|
<!-- ^^^ 20020806 --> |
|
<li>Move AGP chipset support out of machine-independent section (AGP support is per-arch.) |
|
<li><strong><font color="#e00000">REVISED SECURITY FIX</font></strong> for the OpenSSL ASN.1 buffer overflows, see the <a href="errata.html#ssl">erratum</a>.<br> |
|
<a href="stable.html"><font color=#00b000>[Applied to stable]</font></a> |
|
<!-- ^^^ 20020805 --> |
|
<li>Fix <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=auth_call&sektion=3">auth_call(3)</a>'s error logging. |
|
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cron&sektion=8">cron(8)</a> cross-checks the crontab filename against the system username. |
|
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=netstat&sektion=1">netstat(1)</a> drops its privileges earlier. |
|
<!-- ^^^ 20020804 --> |
|
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=systrace&sektion=1">systrace(1)</a> can log matching rules to syslog. |
|
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=write&sektion=1">write(1)</a> drops privileges after opening the tty. |
|
<li>Refactor <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=vmstat&sektion=8">vmstat(8)</a> slightly so <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=kvm&sektion=3">kvm(3)</a> is only ever opened once (it could be opened a second time by dkstats.c before.) |
|
<li>Open the <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=kvm&sektion=3">kvm(3)</a> library earlier in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=fstat&sektion=1">fstat(1)</a> and <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=systat&sektion=1">systat(1)</a>, and so drop privs earlier. |
|
<li>Test for a previously unchecked malloc() return value in the RPC library, and die unceremoniously on failure. |
|
<li>Catch file read errors in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=rdate&sektion=8">rdate(8)</a>'s leapsecond handler. |
|
<li>Cleanup of <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=amd&sektion=8">amd(8)</a>. |
|
<!-- ^^^ 20020803 --> |
|
<li>Remove Kerberos support from the default <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=login.conf&sektion=5">login.conf</a> (and its hardwired defaults for when login.conf is absent.) See <a href="http://www.openbsd.org/cgi-bin/cvsweb/src/etc/login.conf?rev=1.12&content-type=text/x-cvsweb-markup">the log</a> for why. |
|
<li>No more RPC by default. Expect a lot of 'NFS is broken' email to misc@ when 3.2 is released. |
|
<li>Rework some aspects of <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=crontab&sektion=1">crontab(1)</a>'s file checks. |
|
<li>Provide our own <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=RSA_verify&sektion=3">RSA_verify(3)</a> implementation for OpenSSH. |
|
<li>Add the _sshagnt group for use by <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh-agent&sektion=1">ssh-agent(1)</a>. |
|
<li>Correct a pointer comparison typo in libssl's ASN.1 parser library. |
|
<li>Check for correct return value of <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=inet_aton&sektion=3">inet_aton(3)</a> in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=isakmpd&sektion=8">isakmpd(8)</a>. |
<li>Add some overflow checks similar to the <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=calloc&sektion=3">calloc(3)</a> patch to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>. |
<li>Add some overflow checks similar to the <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=calloc&sektion=3">calloc(3)</a> patch to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>. |
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=isakmpd&sektion=8">isakmpd(8)</a> support for certificate revocation lists. |
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=isakmpd&sektion=8">isakmpd(8)</a> support for certificate revocation lists. |
<!-- ^^^ 20020802 --> |
<!-- ^^^ 20020802 --> |