===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/plus.html,v
retrieving revision 1.887
retrieving revision 1.888
diff -u -r1.887 -r1.888
--- www/plus.html 2003/09/15 21:51:02 1.887
+++ www/plus.html 2003/09/23 21:49:10 1.888
@@ -52,10 +52,25 @@
We are working on OpenBSD-current.
-The following list sums up (almost) all the changes made up to September 10.
+The following list sums up (almost) all the changes made up to September 17.
+- SECURITY FIX: A buffer overflow in the address parsing in sendmail(8) may allow an attacker to gain root privileges.
+ A source code patch is available.
+ [Applied to stable]
+
+ - Bump OpenSSH version to 3.7.1 after the buffer management fixes.
+
- SECURITY FIX: All versions of OpenSSH's sshd prior to 3.7 contain a buffer management error. It is unclear whether or not this bug is exploitable.
+ A source code patch is available.
+ [Applied to stable]
+
+
+
+
+
+ - On i386, don't try to enable EDD support if the BIOS doesn't support extended disk access.
+
- SECURITY FIX: Root may be able to reduce the security level by taking advantage of an integer overflow when the semaphore limits are made very large.
A source code patch is available.
@@ -76,7 +91,7 @@
- Stop pppctl(8) coredumping (PR#3454.)
- Fix i386 hang on 'boot -a' (PR#2122, PR#3437.)
-
- Have the upgrader script perform the ssl -> openssl includes dir change, both in /usr/include and /usr/libdata/perl5/site_perl/*-openbsd.
+
- Have the upgrader script perform the ssl -> openssl includes dir change, both in /usr/include and /usr/libdata/perl5/site_perl/*-openbsd.
- Make strxfrm(3) standards-compliant.
- Machine-dependent installation notes added or updated. Note especially upgrade instructions for i386.
- Add a wi_detach() function for, uh, wi(4) and use it to shut down PC cards properly.
@@ -109,7 +124,7 @@
- Bump eephy(4)'s mode autonegotiation timeout to 5s so slow copper switches can do their work. Fixes sk(4) boottime problems.
- Change vi(1) to use a dynamic select(2) fd_set for curses mode, and poll(2) in ex(1) mode.
- More conservative settings and an additional error check for aac(4) to improve reliability.
-
- 3.4-beta -> 3.4.
+
- 3.4-beta -> 3.4.
- Disable the patented TrueType bytecode interpreter code in freetype.
- Sync up the X fontconfig int overflow fixes with those in the XFree86.org repository.
- Add '?' and '!' as punctuation characters in mdoc(7). Lots of manual pages updated to reflect this.
@@ -117,7 +132,8 @@
- Add a random offset in the range 0-256MB to the address returned to uvm_map(9) by uvm_map_hint(), scattering libraries and mmaps about the place.
- Fix old-style suser() calls in atalk(4).
- Fix a use-after-free in libutil check_expire(3).
-
- Bump OpenSSH version to 3.7.
+
- Bump OpenSSH version to 3.7.
+ [Applied to stable]
- Fix symbol lookup in objects opened with dlopen(3) (PR#3371.)
- Add Solaris-compatible RTLD_* defines in <dlfch.h>.
@@ -265,7 +281,7 @@
- Some nice robustness-in-the-face-of-spam tweaks to the example sendmail(8) config in cf/courtesan.mc.
- Do dynamic select(2) fd_set allocation in nfsd(8).
- Handle realloc(3) failure nicely in the libedit tokenizer.
-
- 3.3-current -> 3.4-beta.
+
- 3.3-current -> 3.4-beta.
- Implement CLOCK_MONOTONIC for clock_gettime(2). From NetBSD.
- Don't attach a le(4) device if the interrupt for it can't be established.
@@ -298,7 +314,7 @@
- Have procfs copy its mount options into statfs.mount_info.
- Add a debugging lever that forces patch(1) to use plan B.
- In patch(1) plan A, use mmap(2) instead of read(2)/malloc(3).
-
- strlcpy() -> strncpy() in bos(8), un-busting the AFS wire protocol.
+
- strlcpy() -> strncpy() in bos(8), un-busting the AFS wire protocol.
- Merge in ARLA -current, set version to 'arla-20030805'.
- systrace(1) updates from NetBSD and monkey.org.
@@ -520,7 +536,7 @@
[Applied to stable]
- Fix an off-by-one in kernel ext2fs filesystem code, the first ext2 inode is numbered one not zero.
[Applied to stable]
- - Further strn*() -> strl*() fixes.
+
- Further strn*() -> strl*() fixes.
- Back out routing socket exact match fix after reports of problems.
@@ -615,7 +631,7 @@
[Applied to stable]
- Make pf(4)'s route-to option work for IPv6 link-local addresses.
- Reintroduce some routing socket code (lost in a previous update) that could cause less-specific routes to be updated by mistake.
-
- Lots of int -> u_int in ssh(1).
+
- Lots of int -> u_int in ssh(1).
- IPv6 neighbour discovery updates from KAME.
- Avoid using regexes completely for simple string searches in grep(1).
@@ -1354,7 +1370,7 @@
www@openbsd.org
-
$OpenBSD: plus.html,v 1.887 2003/09/15 21:51:02 deraadt Exp $
+
$OpenBSD: plus.html,v 1.888 2003/09/23 21:49:10 deraadt Exp $