version 1.57, 2016/08/15 02:22:08 |
version 1.58, 2016/10/16 19:11:30 |
|
|
<li><a href="http://man.openbsd.org/?query=newsyslog&sektion=8">newsyslog(8)</a> now doesn't follow symbolic links by default, fixing PR1913. |
<li><a href="http://man.openbsd.org/?query=newsyslog&sektion=8">newsyslog(8)</a> now doesn't follow symbolic links by default, fixing PR1913. |
<li>Change web site banner to "One remote hole in the default install, in nearly 6 years!" That's still an awesome record. |
<li>Change web site banner to "One remote hole in the default install, in nearly 6 years!" That's still an awesome record. |
<li>More audit of OpenSSH. |
<li>More audit of OpenSSH. |
<li><a href="http://www.openssh.com/openbsd.html">OpenSSH 3.4</a> was released, and there was much rejoicing. |
<li><a href="https://www.openssh.com/openbsd.html">OpenSSH 3.4</a> was released, and there was much rejoicing. |
<li><font color="#e00000"><strong>SECURITY FIX: All versions of OpenSSH's <a href="http://man.openbsd.org/?query=sshd&sektion=8">sshd(8)</a> between 2.3.1 and 3.3 contain an input validation error that can result in an integer overflow and privilege escalation. The problem is fixed in OpenSSH 3.4.</strong></font><br> |
<li><font color="#e00000"><strong>SECURITY FIX: All versions of OpenSSH's <a href="http://man.openbsd.org/?query=sshd&sektion=8">sshd(8)</a> between 2.3.1 and 3.3 contain an input validation error that can result in an integer overflow and privilege escalation. The problem is fixed in OpenSSH 3.4.</strong></font><br> |
<a href="errata31.html#sshd">A source code patch is available</a>.<br> |
<a href="errata31.html#sshd">A source code patch is available</a>.<br> |
<a href="stable.html"><font color="#00b000">[Applied to stable]</font></a> |
<a href="stable.html"><font color="#00b000">[Applied to stable]</font></a> |
|
|
<li>Increment <a href="http://man.openbsd.org/?query=boot&sektion=8&arch=i386">boot(8)</a> version to help debug the new memory probe and other fixes. |
<li>Increment <a href="http://man.openbsd.org/?query=boot&sektion=8&arch=i386">boot(8)</a> version to help debug the new memory probe and other fixes. |
<li>Make <a href="http://man.openbsd.org/?query=wi&sektion=4">wi(4)</a> less twitchy on quick inserts/ejects. |
<li>Make <a href="http://man.openbsd.org/?query=wi&sektion=4">wi(4)</a> less twitchy on quick inserts/ejects. |
<li>String handling and bounds checking fixes to <a href="http://man.openbsd.org/?query=login_fbtab&sektion=3">login_fbtab(3)</a>. |
<li>String handling and bounds checking fixes to <a href="http://man.openbsd.org/?query=login_fbtab&sektion=3">login_fbtab(3)</a>. |
<li>Bump <a href="http://www.openssh.com/">OpenSSH</a> to version 3.3.<br> |
<li>Bump <a href="https://www.openssh.com/">OpenSSH</a> to version 3.3.<br> |
<a href="stable.html"><font color="#00b000">[Applied to stable]</font></a> |
<a href="stable.html"><font color="#00b000">[Applied to stable]</font></a> |
<li>Start adding <a href="http://man.openbsd.org/?query=kqueue&sektion=2">kqueue(2)</a> support to <a href="http://man.openbsd.org/?query=noct&sektion=4">noct(4)</a>. |
<li>Start adding <a href="http://man.openbsd.org/?query=kqueue&sektion=2">kqueue(2)</a> support to <a href="http://man.openbsd.org/?query=noct&sektion=4">noct(4)</a>. |
<li>System call argument rewriting framework for <a href="http://man.openbsd.org/?query=systrace&sektion=4">systrace(4)</a>. |
<li>System call argument rewriting framework for <a href="http://man.openbsd.org/?query=systrace&sektion=4">systrace(4)</a>. |
|
|
<li>rasops instead of rcons for <a href="http://man.openbsd.org/?query=vgafb&sektion=4&arch=sparc64">vgafb(4/SPARC64)</a>. |
<li>rasops instead of rcons for <a href="http://man.openbsd.org/?query=vgafb&sektion=4&arch=sparc64">vgafb(4/SPARC64)</a>. |
<li>Add xsystrace(1) [no manpage yet] UI for <a href="http://man.openbsd.org/?query=systrace&sektion=4">systrace(4)</a>. |
<li>Add xsystrace(1) [no manpage yet] UI for <a href="http://man.openbsd.org/?query=systrace&sektion=4">systrace(4)</a>. |
<li> Add sbus <a href="http://man.openbsd.org/?query=bwtwo&sektion=4&arch=sparc">bwtwo(4)</a> mono framebuffer support (untested). |
<li> Add sbus <a href="http://man.openbsd.org/?query=bwtwo&sektion=4&arch=sparc">bwtwo(4)</a> mono framebuffer support (untested). |
<li>PrivSep'd <a href="http://www.openssh.com/">ssh</a> monitor processes check each authentication method is enabled before use. |
<li>PrivSep'd <a href="https://www.openssh.com/">ssh</a> monitor processes check each authentication method is enabled before use. |
<li><a href="http://man.openbsd.org/?query=systrace&sektion=1">systrace(1)</a> userland import. |
<li><a href="http://man.openbsd.org/?query=systrace&sektion=1">systrace(1)</a> userland import. |
<li>Use <a href="http://man.openbsd.org/?query=arc4random&sektion=3">arc4random(3)</a> for <a href="http://man.openbsd.org/?query=rtadvd&sektion=8">rtadvd(8)</a>. |
<li>Use <a href="http://man.openbsd.org/?query=arc4random&sektion=3">arc4random(3)</a> for <a href="http://man.openbsd.org/?query=rtadvd&sektion=8">rtadvd(8)</a>. |
<li>Make <a href="http://man.openbsd.org/?query=nice&sektion=3">nice(3)</a> standards compliant. |
<li>Make <a href="http://man.openbsd.org/?query=nice&sektion=3">nice(3)</a> standards compliant. |
|
|
<li>Clue in <a href="http://man.openbsd.org/?query=inetd&sektion=8">inetd(8)</a> to IPv6 FTP bounce attacks. |
<li>Clue in <a href="http://man.openbsd.org/?query=inetd&sektion=8">inetd(8)</a> to IPv6 FTP bounce attacks. |
<li>Fix /etc/ptmp deletion bug that occurred if <a href="http://man.openbsd.org/?query=rmuser&sektion=8">rmuser(8)</a> was aborted. |
<li>Fix /etc/ptmp deletion bug that occurred if <a href="http://man.openbsd.org/?query=rmuser&sektion=8">rmuser(8)</a> was aborted. |
<li>IBSS mode for Symbol cards (firmware >= 2.5) using the <a href="http://man.openbsd.org/?query=wi">wi(4)</a> driver. |
<li>IBSS mode for Symbol cards (firmware >= 2.5) using the <a href="http://man.openbsd.org/?query=wi">wi(4)</a> driver. |
<li>Add leading-zero padding to RSA signatures in <a href="http://www.openssh.com/">ssh</a>. |
<li>Add leading-zero padding to RSA signatures in <a href="https://www.openssh.com/">ssh</a>. |
<li>Tweak <a href="http://man.openbsd.org/?query=altq&sektion=9">altq(9)</a> <a href="http://man.openbsd.org/?query=options&sektion=4">options(4)</a> so the kernel compiles on i[34]86. |
<li>Tweak <a href="http://man.openbsd.org/?query=altq&sektion=9">altq(9)</a> <a href="http://man.openbsd.org/?query=options&sektion=4">options(4)</a> so the kernel compiles on i[34]86. |
<li>Add support in the <a href="http://man.openbsd.org/?query=fxp&sektion=4">fxp(4)</a> driver for more Intel PRO/100 VM cards. |
<li>Add support in the <a href="http://man.openbsd.org/?query=fxp&sektion=4">fxp(4)</a> driver for more Intel PRO/100 VM cards. |
<li>For those that do metric but refuse to work in meters and kilograms, <a href="http://www.unc.edu/~rowlett/units/dictK.html">kayser</a> conversion has been added to <a href="http://man.openbsd.org/?query=units&sektion=1">units(1)</a>. Wow. |
<li>For those that do metric but refuse to work in meters and kilograms, <a href="http://www.unc.edu/~rowlett/units/dictK.html">kayser</a> conversion has been added to <a href="http://man.openbsd.org/?query=units&sektion=1">units(1)</a>. Wow. |