| version 1.863, 2003/03/06 16:27:10 |
version 1.864, 2003/03/12 00:02:06 |
|
|
| |
|
| <p> |
<p> |
| <h3><font color="#0000e0">We are working on OpenBSD-current.</font></h3><p> |
<h3><font color="#0000e0">We are working on OpenBSD-current.</font></h3><p> |
| The following list sums up (almost) all the changes made up to February 19. |
The following list sums up (almost) all the changes made up to March 5. |
| <p> |
<p> |
| |
|
| <ul> |
<ul> |
| <li><font color="#e00000"><strong>SECURITY FIX: February 25, 2003: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=httpd&sektion=8">httpd(8)</a> leaks file inode numbers via ETag header as well as child PIDs in multipart MIME boundary generation. This could lead, for example, to NFS exploitation because it uses inode numbers as part of the file handle.</strong></font><br> |
<!-- ^ 20030306 --> |
| <a href="errata.html#httpd">A source code patch is available</a>.<br> |
<li>In the installer, delete the FTP password when no sets are found, so it doesn't get displayed in the URL. |
| |
<li>Add a boot image ISO for alpha. |
| |
<li>New images; the last X update before the release. |
| |
<li>Fix a number of memory leaks in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a> and its related programs. |
| |
<li>Add a monolithic <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=openssl&sektion=1">openssl(1)</a> manpage, covering all the tool commands. |
| |
<li>Media handling fixes to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=hme&sektion=4">hme(4)</a>. |
| |
<li>Set the right address family for IPv6 addresses in a <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a> table. |
| |
<li>Update <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=named&sektion=8">named(8)</a> to BIND 9.2.2-release. |
| |
<!-- ^ 20030305 --> |
| |
<li>Only have /etc/rc generate the <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=rndc&sektion=8">rndc(8)</a> key if <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=named&sektion=8">named(8)</a> is to be started. |
| |
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=named&sektion=8">named(8)</a> always does setuid(named) and chroots to /var/named, so remove the variables for those actions from /etc/rc. |
| |
<li>Turn off the stack protector when building <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=lkm&sektion=4">lkm(4)</a>s. |
| |
<li>Don't install <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=mrinfo&sektion=8">mrinfo(8)</a> and <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=mtrace&sektion=8">mtrace(8)</a> setuid root. |
| |
<li>Recreate the <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=rndc&sektion=8">rndc(8)</a> key if /etc/rndc.key and /var/named/etc/rndc.key are not identical, or if either is absent. |
| |
<li>3.3-beta -> 3.3 |
| |
<li>Fix user and group keywords with IPv6 <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a> rules. |
| |
<li>Create a baby ISO for i386, with just the CD boot image on it. |
| |
<!-- ^ 20030304 --> |
| |
<li>Move the <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=spamd&sektion=8">spamd(8)</a> configuration channel from the spamd listener port the the next port up. |
| |
<li>Add to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=file&sektion=1">file(1)</a> support for additional image formats and a first pass at reading jpeg size. |
| |
<li>strncpy->strlcpy in libc resolver code. |
| |
<li>Upgrade <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=file&sektion=1">file(1)</a> to 3.41, to fix a buffer overflow. Get improved 64-bit ELF support as well. |
| |
<li>In the libc stack smash handler, straight away block all signal handlers from running. |
| |
<li>More fixes and improvements to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=isp&sektion=4">isp(4)</a>. |
| |
<li>Sendmail updated to 8.2.12. |
| |
<li><font color="#e00000"><strong>SECURITY FIX: A buffer overflow in the envelope comments processing in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sendmail&sektion=8">sendmail(8)</a> may allow an attacker to gain root privileges.</strong></font><br> |
| |
<a href="errata.html#sendmail">A source code patch is available</a>.<br> |
| <a href="stable.html"><font color="#00b000">[Applied to stable]</font></a> |
<a href="stable.html"><font color="#00b000">[Applied to stable]</font></a> |
| |
<li>Fix some nits in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=m_pulldown&sektion=9">m_pulldown(9)</a>. |
| |
<li>Return a meaningful partition size from <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=rd&sektion=4">rd(4)</a>. |
| |
<!-- ^ 20030303 --> |
| |
<li>Fix <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pfctl&sektion=8">pfctl(8)</a> display of altq bandwidth figures. |
| |
<li>Fix a missing configuration message validity check in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=spamd&sektion=8">spamd(8)</a>. |
| |
<li>Remove spamd-setup.sh script. |
| |
<li>Add a configuration channel in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=spamd&sektion=8">spamd(8)</a> so spamd-setup.pl can talk to it. |
| |
<li>New spamd-setup.pl script to set up <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=spamd&sektion=8">spamd(8)</a>, with support for multiple blacklists configured via <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=spamd.conf&sektion=5">spamd.conf(5)</a>. |
| |
<li>Add perl module Net::Netmask for new <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=spamd&sektion=8">spamd(8)</a> setup perl script. |
| |
<li>Remove the redundant 'control' keyword from altq CBQ. |
| |
<li>Tag no-payload tcp ACK packets for priority queuing, see /usr/share/pf/ackpri for more information and an example. |
| |
<li>Guarantee that two <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a> queues with the same name on different interfaces have the same internal queue id. |
| |
<!-- ^ 20030302 --> |
| |
<li>Prevent <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=gem&sektion=4">gem(4)</a> removing DMA mappings that are still in use, which causes faults on sparc64. |
| |
<li>Stop the installer mistakenly deleting a default route that an FTP install may need to use. |
| |
<!-- ^ 20030301 --> |
| |
<li>Add a bootable CD iso image for sparc64. |
| |
<li>Fix a few bad printf format specifiers in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pflogd&sektion=8">pflogd(8)</a>. |
| |
<li>Disable GNU mmalloc on all architectures. |
| |
<li>Update all <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=disktab&sektion=5">disktab(5)</a> files to show support for 16 partitions, and fix a few other glitches. |
| |
<li>Finally, <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=mrouted&sektion=8">mrouted(8)</a> and fellows have proper licensing and are now built by default. |
| |
<li>Make sure the error value is set properly on SA expiry for AH and ESP. |
| |
<li>Fix a Kerberos (IV and V) resolver overflow found by propolice. |
| |
<li>Make libc <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=random&sektion=3">random(3)</a> and related functions use u_int32_t internally instead of long. |
| |
<li>Update the <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=isp&sektion=4">isp(4)</a> firmware images. |
| |
<li>Increase the ata IDENTIFY command timeout from one to three seconds. |
| |
<li>Use a bss copy of basename(argv[0]) for __progname, so even when there is real stack carnage a propolice stack-smash report has the right program name. |
| |
<li>Add a missing splsoftnet() in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a> tables code. |
| |
<!-- ^ 20030228 --> |
| |
<li>Add WANT_LIBMILTER, WANT_SASL and WANT_LDAP mk.conf hooks for <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sendmail&sektion=8">sendmail(8)</a>. |
| |
<li>Add -trace-ctors-dtors option to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=gcc&sektion=1">gcc(1)</a>'s collect2. See <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=gcc-local&sektion=1">gcc-local(1)</a>. |
| |
<li>Make <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=rndc&sektion=8">rndc(8)</a> die properly on errors. |
| |
<li>In libz, check <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=snprintf&sektion=3">snprintf(3)</a> return value to detect truncation.<br> |
| |
<a href="stable.html"><font color="#00b000">[Applied to stable]</font></a> <!-- XXX 3.2-stable --> |
| |
<li>Stop <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=syslog&sektion=3">syslog(3)</a> always logging to the console when LOG_CONS is enabled. |
| |
<li>Have <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=updatedb&sektion=8">updatedb(8)</a> use /var/tmp instead of /tmp, and include ext2fs volumes in the database. |
| |
<li>Handle invalid step sizes properly in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cron&sektion=8">cron(8)</a>. |
| |
<li>Add IPv6 packet classification support for <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a> queues. |
| |
<li>Fix <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a> tables' IPv6 support. |
| |
<!-- ^ 20030227 --> |
| |
<li>Correctly set the priority queue when expanding <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a> rules. |
| |
<li>Some cleanup in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ti&sektion=4">ti(4)</a>. |
| |
<li>Make libz use <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=snprintf&sektion=3">snprintf(3)</a> instead of sprintf(), since we're at it.<br> |
| |
<a href="stable.html"><font color="#00b000">[Applied to stable]</font></a> <!-- XXX 3.2-stable --> |
| |
<li>Fix a bug in bind's isc_print_vsnprintf(), even though it's not used in OpenBSD. |
| |
<li>Have <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=named&sektion=8">named(8)</a> listen on IPv6 interfaces by default. |
| |
<li>More <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=gcc&sektion=1">gcc(1)</a> stack protector fixes. |
| |
<!-- ^ 20030226 --> |
| |
<li>Add 'show' and 'monitor' commands to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ipsecadm&sektion=8">ipsecadm(8)</a>. |
| |
<li>Update <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=xterm&sektion=1">xterm(1)</a> to fix <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0063">CAN-2003-0063</a> and <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0071">CAN-2003-0071</a>. |
| |
<li>Fix <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a> binat rule matching. |
| |
<li>Clean up <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pfctl&sektion=8">pfctl(8)</a> binat rule parsing. |
| |
<li>More bounds check fixes, in Linux compat and <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=gdt&sektion=4">gdt(4)</a>. |
| |
<!-- ^ 20030225 --> |
| |
<li>Correct two off-by-ones in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ami&sektion=4">ami(4)</a>. |
| |
<li>Fix a bad bounds check in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=midi&sektion=4">midi(4)</a>. |
| |
<li>Revert to the old <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a> macro redefinition code, to stop a bad next pointer causing an endless loop. |
| |
<li>Fix a crasher in the pfkeyv2 debugging code. |
| |
<li>Add LZS compression support to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=hifn&sektion=4">hifn(4)</a>. Only usable by IPComp for now. |
| |
<!-- ^ 20030224 --> |
| |
<li>Set the portal filesystem file change time properly. |
| |
<li>Remove tcfs due to licensing problems. |
| |
<li>Fix a bogus <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=vmstat&sektion=8">vmstat(8)</a> warning message. |
| |
<li>Make libz use <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=vsnprintf&sektion=3">vsnprintf(3)</a> instead of vsprintf().<br> |
| |
<a href="stable.html"><font color="#00b000">[Applied to stable]</font></a> <!-- XXX 3.2-stable --> |
| |
<!-- ^ 20030223 --> |
| |
<li>Add privilege separation to the old X servers too. |
| |
<!-- ^ 20030222 --> |
| |
<li>In the X server, open the keyboard and framebuffer drivers using privsep. |
| |
<li>Plug a couple of mbuf leaks on errors in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=bridge&sektion=4">bridge(4)</a>. |
| |
<li>Pull in from FreeBSD a better environment variable parser for <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cron&sektion=8">cron(8)</a>. |
| |
<li>Repair <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=httpd&sektion=8">httpd(8)</a> restarts, broken by the ETag inode leak fix. (The etags-state file wasn't readable after dropping privileges.) |
| |
<li>Don't try to allocate < 0 bytes of memory in libcrypto.<br> |
| |
<a href="stable.html"><font color="#00b000">[Applied to stable]</font></a> |
| |
<li>Re-enable 'set loginterface none' option in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pfctl&sektion=8">pfctl(8)</a>. |
| |
<li>Fix a bad sizeof in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a> auth_krb4. |
| |
<li>Send BIND 4 to the attic. <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=named&sektion=8">named(8)</a> is now BIND 9. |
| |
<li>Still more fixes to the <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=gcc&sektion=1">gcc(1)</a> stack protector. |
| |
<!-- ^ 20030221 --> |
| |
<li>Have <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=tcpdump&sektion=8">tcpdump(8)</a> check AH and ESP packets are of valid length before dumping their contents. |
| |
<li>Teach <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=tcpdump&sektion=8">tcpdump(8)</a> to print IPComp packets. |
| |
<li>Fix a crasher in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=systrace&sektion=1">systrace(1)</a> by reparing some locking code in the kernel, and removing a null deref in userland. |
| |
<li>Sync <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cron&sektion=8">cron(8)</a> with ISC cron -current, keeping the OpenBSD-specific <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=at&sektion=1">at(1)</a> integration. |
| |
<li>Make <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=xconsole&sektion=1">xconsole(1)</a> run as user _x11 instead of root (like the X server,) and use privilege separation for the parts that need root. |
| |
<li>Add an empty cron.deny file, since POSIX requires that in the absence of cron.allow and cron.deny files, only root may run <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=crontab&sektion=1">crontab(1)</a>. |
| <li>Fix a null deref triggered by <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ipcomp&sektion=4">ipcomp(4)</a>. |
<li>Fix a null deref triggered by <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ipcomp&sektion=4">ipcomp(4)</a>. |
| <!-- ^ 20030220 --> |
<!-- ^ 20030220 --> |
| <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pfctl&sektion=8">pfctl(8)</a> rejects non-existent interfaces in rules using dynamic interface syntax. |
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pfctl&sektion=8">pfctl(8)</a> rejects non-existent interfaces in rules using dynamic interface syntax. |
| <li>Move /var/at files into /var/cron since <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=at&sektion=1">at(1)</a> is now a part of <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cron&sektion=8">cron(8)</a>. |
<li>Move /var/at files into /var/cron since <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=at&sektion=1">at(1)</a> is now a part of <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cron&sektion=8">cron(8)</a>. |
| <li>Fix support for <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a> syntax (if)/24 (dynamic interface name translation with a network prefix.) |
<li>Fix support for <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a> syntax (if)/24 (dynamic interface name translation with a network prefix.) |
| <li><font color="#e00000"><strong>SECURITY FIX: February 22, 2003: In <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssl&sektion=8">ssl(8)</a> an information leak can occur via timing by performing a MAC computation even if incorrect block cipher padding has been found, this is a countermeasure. Also, check for negative sizes in memory allocation routines.</strong></font><br> |
<li><font color="#e00000"><strong>SECURITY FIX: In <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssl&sektion=8">ssl(8)</a> an information leak can occur via timing by performing a MAC computation even if incorrect block cipher padding has been found, this is a countermeasure. Also, check for negative sizes in memory allocation routines.</strong></font><br> |
| <a href="errata.html#ssl">A source code patch is available</a>.<br> |
<a href="errata.html#ssl">A source code patch is available</a>.<br> |
| <a href="stable.html"><font color="#00b000">[Applied to stable]</font></a> |
<a href="stable.html"><font color="#00b000">[Applied to stable]</font></a> |
| <li>Add a counter for <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=netstat&sektion=1">netstat(1)</a> showing how often <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ipcomp&sektion=4">ipcomp(4)</a> was skipped because the packet size was below the compression threshold. |
<li>Add a counter for <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=netstat&sektion=1">netstat(1)</a> showing how often <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ipcomp&sektion=4">ipcomp(4)</a> was skipped because the packet size was below the compression threshold. |
|
|
| <!-- ^ 20030217 --> |
<!-- ^ 20030217 --> |
| <li>Improve default route setup in the installer. |
<li>Improve default route setup in the installer. |
| <li>Fix <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a> forced commands with 'PermitRootLogin forced-commands-only' set. |
<li>Fix <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a> forced commands with 'PermitRootLogin forced-commands-only' set. |
| <li>Similar to the recent pid leak fix, stop <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=httpd&sektion=8">httpd(8)</a> leaking inode numbers. More details in the <a href="http://www.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/httpd/src/main/http_main.c?rev=1.28&content-type=text/x-cvsweb-markup&cvsroot=openbsd">checkin comment</a>. |
|
| <li>Some RFC-compliance fixes to the <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=httpd&sektion=8">httpd(8)</a> multipart MIME pid leak fix. |
<li>Some RFC-compliance fixes to the <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=httpd&sektion=8">httpd(8)</a> multipart MIME pid leak fix. |
| <li>Clean up <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a> macro parsing. |
<li>Clean up <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a> macro parsing. |
| <!-- ^ 20030216 --> |
<!-- ^ 20030216 --> |
|
|
| <li>Add support framework for LZS compression to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=crypto&sektion=9">crypto(9)</a> and <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ipsec&sektion=4">ipsec(4)</a>. |
<li>Add support framework for LZS compression to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=crypto&sektion=9">crypto(9)</a> and <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ipsec&sektion=4">ipsec(4)</a>. |
| <li>More write protection paranoia in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ld.so&sektion=1">ld.so(1)</a>. |
<li>More write protection paranoia in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ld.so&sektion=1">ld.so(1)</a>. |
| <li>Make bsd.rd an install/upgrade target. |
<li>Make bsd.rd an install/upgrade target. |
| <li>Stop <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=httpd&sektion=8">httpd(8)</a> leaking child process IDs in multipart MIME boundary separators. (See the <a href="http://www.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/httpd/src/main/http_protocol.c?rev=1.15&content-type=text/x-cvsweb-markup&cvsroot=openbsd">checkin comment</a> for an example.) |
<li><font color="#e00000"><strong>SECURITY FIX: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=httpd&sektion=8">httpd(8)</a> leaks file inode numbers via ETag header as well as child PIDs in multipart MIME boundary generation. This could lead, for example, to NFS exploitation because it uses inode numbers as part of the file handle.</strong></font><br> |
| |
<a href="errata.html#httpd">A source code patch is available</a>.<br> |
| |
<a href="stable.html"><font color="#00b000">[Applied to stable]</font></a> |
| <li>Increase the size of the rates buffer in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=wi&sektion=4">wi(4)</a> hostap so 802.11g stations can associate. |
<li>Increase the size of the rates buffer in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=wi&sektion=4">wi(4)</a> hostap so 802.11g stations can associate. |
| <li>When outputting raw IP and generating the header manually, make sure the packet is large enough for a full IP header. |
<li>When outputting raw IP and generating the header manually, make sure the packet is large enough for a full IP header. |
| <!-- ^ 20030215 --> |
<!-- ^ 20030215 --> |
|
|
| <li>Have <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=spamd&sektion=8">spamd(8)</a> use tables instead of regular rules on an anchor. |
<li>Have <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=spamd&sektion=8">spamd(8)</a> use tables instead of regular rules on an anchor. |
| <li>Improvements to ATAPI PIO mode selection. |
<li>Improvements to ATAPI PIO mode selection. |
| <li>Fix an mbuf leak in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=wi&sektion=4">wi(4)</a>. |
<li>Fix an mbuf leak in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=wi&sektion=4">wi(4)</a>. |
| <li>Really fix an <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=lprm&sektion=1">lprm(1)</a> buffer overflow. |
<li><font color="#e00000"><strong>SECURITY FIX: A fix for an <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=lprm&sektion=1">lprm(1)</a> bug made in 1996 contains an error that could lead to privilege escalation. For OpenBSD 3.2 the impact is limited since lprm(1) is setuid daemon, not setuid root.</strong></font><br> |
| |
<a href="errata.html#httpd">A source code patch is available</a>.<br> |
| |
<a href="stable.html"><font color="#00b000">[Applied to stable]</font></a> |
| <li>Finish nForce support in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pciide&sektion=4">pciide(4)</a>. |
<li>Finish nForce support in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pciide&sektion=4">pciide(4)</a>. |
| <li>When <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pfctl&sektion=8">pfctl(8)</a> complains about an illegal netmask, have it show the offending article. |
<li>When <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pfctl&sektion=8">pfctl(8)</a> complains about an illegal netmask, have it show the offending article. |
| <!-- ^ 20030213 --> |
<!-- ^ 20030213 --> |
|
|
| <li>Copy the thread sources (including CVS history) from lib/libc_r to lib/pthread, and move libc_r into the Attic. |
<li>Copy the thread sources (including CVS history) from lib/libc_r to lib/pthread, and move libc_r into the Attic. |
| <li>Make <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pfctl&sektion=8">pfctl(8)</a> show more information with -vvs[rn] for rules containing tables. |
<li>Make <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pfctl&sektion=8">pfctl(8)</a> show more information with -vvs[rn] for rules containing tables. |
| <!-- ^ 20030120 --> |
<!-- ^ 20030120 --> |
| <li><font color="#e00000"><strong>SECURITY FIX: January 20, 2003: A double free in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cvs&sektion=1">cvs(1)</a> could allow an attacker to execute code with the privileges of the user running cvs. This is only an issue when the cvs command is being run on a user's behalf as a different user. This means that, in most cases, the issue only exists for cvs configurations that use the pserver client/server connection method.</strong></font><br> |
<li><font color="#e00000"><strong>SECURITY FIX: A double free in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cvs&sektion=1">cvs(1)</a> could allow an attacker to execute code with the privileges of the user running cvs. This is only an issue when the cvs command is being run on a user's behalf as a different user. This means that, in most cases, the issue only exists for cvs configurations that use the pserver client/server connection method.</strong></font><br> |
| <a href="errata.html#cvs">A source code patch is available</a>.<br> |
<a href="errata.html#cvs">A source code patch is available</a>.<br> |
| <a href="stable.html"><font color="#00b000">[Applied to stable]</font></a> |
<a href="stable.html"><font color="#00b000">[Applied to stable]</font></a> |
| <li>Add an invalid ioctl sanity check to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=gif&sektion=4">gif(4)</a>. |
<li>Add an invalid ioctl sanity check to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=gif&sektion=4">gif(4)</a>. |
|
|
| <li>Implement legacy functions <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ecvt&sektion=3">ecvt(3)</a>, fcvt(3) and gcvt(3) for standards compliance. |
<li>Implement legacy functions <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ecvt&sektion=3">ecvt(3)</a>, fcvt(3) and gcvt(3) for standards compliance. |
| <li>Add <a href="http://www.trl.ibm.com/projects/security/ssp">propolice</a> stack attack protection into <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=gcc&sektion=1">gcc(1)</a>. |
<li>Add <a href="http://www.trl.ibm.com/projects/security/ssp">propolice</a> stack attack protection into <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=gcc&sektion=1">gcc(1)</a>. |
| <li>Updated <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=unifdef&sektion=1">unifdef(1)</a>. |
<li>Updated <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=unifdef&sektion=1">unifdef(1)</a>. |
| |
<li>Make a copy of the return value of basename() before recording it in the bfd, fixes the "NEEDED crtend.o" problem that many ports had to work around. |
| |
<a href="stable.html"><font color="#00b000">[Applied to stable]</font></a> <!-- XXX 3.2-stable --> |
| <!-- ^ 20021202 --> |
<!-- ^ 20021202 --> |
| <li>Don't have the X server drop privileges if started by root and from a non-standard config path. |
<li>Don't have the X server drop privileges if started by root and from a non-standard config path. |
| <li>Tweaks and fixes to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a>'s ioctl code. |
<li>Tweaks and fixes to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a>'s ioctl code. |
![[BACK]](/icons/back.gif){kind=icon}
Return to plus.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www