www/plus58.html - diff

Return to plus58.html CVS log

Up to [local] / www

Diff for /www/plus58.html between version 1.24 and 1.25

version 1.24, 2019/04/08 16:14:55

version 1.25, 2019/05/27 22:55:25

Line 1

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">

<!doctype html>

<html>

<head>

<title>OpenBSD 5.8 Changelog</title>

</head>

<style>

strong {

color: var(--red);

font-weight: normal;

}

h3 {

color: var(--blue);

}

</style>

<h2>

OpenBSD</a>

OpenBSD</a>

5.8 Changelog

5.8 Changelog

</h2>

<hr>

Line 27

Line 33

or use <a href="anoncvs.html#CVS">CVS</a>.

Note: Problems for which patches exist are marked in red.

Note: Problems for which patches exist are marked in red.

For changes in other releases, click below:

Line 82

Line 88

<h3>Changes made between OpenBSD 5.7 and 5.8</h3>

<h3>Changes made between OpenBSD 5.7 and 5.8</h3>

<ul>

Line 119

Line 125

<li>Fix a potential out-of-bounds read in <a href="https://man.openbsd.org/OpenBSD-current/man3/fnmatch.3">fnmatch(3)</a>.

<li>On armv7, make use of u-boot 2015.07's unified wandboard config to provide a miniroot to cover all current wandboard variations.

<li>5.6 and 5.7 SECURITY FIX: the patch utility could become desyncronized processing <a href="https://man.openbsd.org/OpenBSD-current/man1/ed.1">ed(1)</a>-style diffs. A source code patch exists for <a href="errata56.html#030_patch">5.6</a> and <a href="errata57.html#013_execve">5.7</a>.

<li>5.6 and 5.7 SECURITY FIX: the patch utility could become desyncronized processing <a href="https://man.openbsd.org/OpenBSD-current/man1/ed.1">ed(1)</a>-style diffs. A source code patch exists for <a href="errata56.html#030_patch">5.6</a> and <a href="errata57.html#013_execve">5.7</a>.

<li>Prevent substitution commands ("s///") with a newline in the replacement pattern from confusing <a href="https://man.openbsd.org/OpenBSD-current/man1/patch.1">patch(1)</a> about the state of the <a href="https://man.openbsd.org/OpenBSD-current/man1/ed.1">ed(1)</a> child process is in.

<li>Turn off POOL_DEBUG for release.

<li>In <a href="https://man.openbsd.org/OpenBSD-current/man8/httpd.8">httpd(8)</a>, repair HSTS header output.

Line 158

Line 164

<li>On mips64, allow coalescing of IPI requests on mips64, to make IPI sending non-blocking.

<li>In <a href="https://man.openbsd.org/OpenBSD-current/man8/sshd.8">sshd(8)</a>, permit <a href="https://man.openbsd.org/OpenBSD-current/man2/kbind.2">kbind(2)</a> use in the sandbox.

<li>Enforce <a href="https://man.openbsd.org/OpenBSD-5.8/man2/tame.2">tame(2)</a> by disabling all TAME_ flags if tame_fail() is reached, not only if TAME_ABORT is set.

<li>5.6 and 5.7 SECURITY FIX: the patch utility could be made to invoke arbitrary commands via the obsolete RCS support when processing a crafted input file. A source code patch exists for <a href="errata56.html#029_patch">5.6</a> and <a href="errata57.html#012_execve">5.7</a>. These patches remove the RCS support.

<li>5.6 and 5.7 SECURITY FIX: the patch utility could be made to invoke arbitrary commands via the obsolete RCS support when processing a crafted input file. A source code patch exists for <a href="errata56.html#029_patch">5.6</a> and <a href="errata57.html#012_execve">5.7</a>. These patches remove the RCS support.

<li>5.6 and 5.7 SECURITY FIX: a kernel memory leak could be triggered by an unprivileged user in a failure case when using execve under systrace. A source code patch exists for <a href="errata56.html#028_execve">5.6</a> and <a href="errata57.html#011_execve">5.7</a>.

<li>5.6 and 5.7 SECURITY FIX: a kernel memory leak could be triggered by an unprivileged user in a failure case when using execve under systrace. A source code patch exists for <a href="errata56.html#028_execve">5.6</a> and <a href="errata57.html#011_execve">5.7</a>.

<li>In <a href="https://man.openbsd.org/OpenBSD-current/man8/radiusd.8">radiusd(8)</a>, make the modules priviledge-separated.

<li>In <a href="https://man.openbsd.org/OpenBSD-current/man1/tmux.1">tmux(1)</a>, make -q suppress ambiguous option warnings too.

Line 435

Line 441

<li>Flense out dead code (Coverity CIDs 21691 and 21698).

</ul>

<li>In <a href="https://man.openbsd.org/OpenBSD-current/man8/httpd.8">httpd(8)</a>, allow the certificate and key to each be almost 16 kB rather than having a combined total of less than 16 kB.

<li>5.6 and 5.7 SECURITY FIX: a TCP socket can become confused and not properly cleanup resources. A source code patch exists for <a href="errata56.html#027_tcp">5.6</a> and <a href="errata57.html#010_tcp">5.7</a>.

<li>5.6 and 5.7 SECURITY FIX: a TCP socket can become confused and not properly cleanup resources. A source code patch exists for <a href="errata56.html#027_tcp">5.6</a> and <a href="errata57.html#010_tcp">5.7</a>.

<li>In <a href="https://man.openbsd.org/OpenBSD-current/man8/httpd.8">httpd(8)</a>:

<ul>

<li>Fix memory leaks that can occur when config_getserver() fails.

Line 644

Line 650

<li>Add four new sensors to <a href="https://man.openbsd.org/OpenBSD-current/man4/upd.4">upd(4)</a>.

<li>On mips64, let alloc_contiguous_pages() round the allocation size to a page boundary, not to a u-area boundary.

<li>On sgi, clear the PIC `write request' memory at initialization time. There is apparently a risk of spurious parity errors if we don't.

<li>On sgi, clear the PIC 'write request' memory at initialization time. There is apparently a risk of spurious parity errors if we don't.

<li>Store a unique ID, an interface index, rather than a pointer to the receiving interface in the packet header of every mbuf. This will simplify garbage collection of mbufs and limit problems with dangling ifp pointers.

<li>In <a href="https://man.openbsd.org/OpenBSD-current/man8/sylogd.8">syslogd(8)</a>, implement -F to stay in the foreground.

Line 675

Line 681

<li>In <a href="https://man.openbsd.org/OpenBSD-current/man8/pppd.8">pppd(8)</a>, use memmove() for potentially overlapping regions.

<li>Fix <a href="https://man.openbsd.org/OpenBSD-current/man4/rtwn.4">rtwn(4)</a> wifi LED support.

<li>5.6 and 5.7 SECURITY FIX: several defects from OpenSSL (CVE-2015-1788, CVE-2015-1789, CVE-2015-1792). For more information, see the <a href="https://www.openssl.org/news/secadv_20150611.txt">OpenSSL advisory</a>. A source code patch exists for <a href="errata56.html#026_openssl">5.6</a> and <a href="errata57.html#009_openssl">5.7</a>.

<li>5.6 and 5.7 SECURITY FIX: several defects from OpenSSL (CVE-2015-1788, CVE-2015-1789, CVE-2015-1792). For more information, see the <a href="https://www.openssl.org/news/secadv_20150611.txt">OpenSSL advisory</a>. A source code patch exists for <a href="errata56.html#026_openssl">5.6</a> and <a href="errata57.html#009_openssl">5.7</a>.

<li>5.6 and 5.7 SECURITY FIX: multiple reliability issues in smtpd. A source code patch exists for <a href="errata56.html#025_smtpd">5.6</a> and <a href="errata57.html#008_smtpd">5.7</a>.

<li>5.6 and 5.7 SECURITY FIX: multiple reliability issues in smtpd. A source code patch exists for <a href="errata56.html#025_smtpd">5.6</a> and <a href="errata57.html#008_smtpd">5.7</a>.

<li>In libiberty, prevent an integer overflow leading to a heap-buffer overflow (CVE-2012-3509).

<li>In LibreSSL:

<ul>

Line 748

Line 754

<li>On sparc, override PIE range constants with a variable which is decided at runtime, in order to only enable PIE on sun4m which has a large enough address space.

<li>In the lazy binding routine, make sure we actually allocate the stack we need, instead of corrupting the caller's stack by mistake. This fixes segfaults in __powerpc_read_tcb() reported on earlier G3 systems.

<li>Enable secureplt by default on alpha.

<li>Allow <a href="https://man.openbsd.org/OpenBSD-current/man1/gcc.1">gcc(1) to produce more precise relocation information on alpha. This will be necessary to enable secureplt by default.

<li>Allow <a href="https://man.openbsd.org/OpenBSD-current/man1/gcc.1">gcc(1)</a> to produce more precise relocation information on alpha. This will be necessary to enable secureplt by default.

<li>Switch m88k ports to binutils 2.17.

<li>In <a href="https://man.openbsd.org/OpenBSD-current/man8/relayd.8">relayd(8)</a>, fix a memory leak in an error path.

Line 992

Line 998

<li>In <a href="https://man.openbsd.org/OpenBSD-current/man8/sshd.8">sshd(8)</a>, prevent authorized_keys options picked up on public key tests without a corresponding private key authentication being applied to other authentication methods.

<li>Pass fflag to VOP_POLL so vfs fifo functions can get at the file flags to check FREAD/FWRITE if needed.

<li>Avoid a NULL dereference in fd_getfile_mode().

<li>5.6 and 5.7 SECURITY FIX: a remote user can crash <a href="https://man.openbsd.org/OpenBSD-current/man8/httpd.8">httpd(8)</a>. A source code patch exists for <a href="errata56.html#022_httpd">5.6</a> and <a href="errata57.html#005_httpd">5.7</a>.

<li>5.6 and 5.7 SECURITY FIX: a remote user can crash <a href="https://man.openbsd.org/OpenBSD-current/man8/httpd.8">httpd(8)</a>. A source code patch exists for <a href="errata56.html#022_httpd">5.6</a> and <a href="errata57.html#005_httpd">5.7</a>.

<li>5.6 and 5.7 SECURITY FIX: malformed binaries could trigger kernel panics or view kernel memory A source code patch exists for <a href="errata56.html#023_elf">5.6</a> and <a href="errata57.html#006_elf">5.7</a>.

<li>5.6 and 5.7 SECURITY FIX: malformed binaries could trigger kernel panics or view kernel memory A source code patch exists for <a href="errata56.html#023_elf">5.6</a> and <a href="errata57.html#006_elf">5.7</a>.

<li>5.6 and 5.7 SECURITY FIX: multiple issues in <a href="https://man.openbsd.org/OpenBSD-current/man1/cpio.1">cpio(1)</a>/<a href="https://man.openbsd.org/OpenBSD-current/man1/pax.1">pax(1)</a>/<a href="https://man.openbsd.org/OpenBSD-current/man1/tar.1">tar(1)</a>. A source code patch exists for <a href="errata56.html#024_tar">5.6</a> and <a href="errata57.html#007_tar">5.7</a>.

<li>5.6 and 5.7 SECURITY FIX: multiple issues in <a href="https://man.openbsd.org/OpenBSD-current/man1/cpio.1">cpio(1)</a>/<a href="https://man.openbsd.org/OpenBSD-current/man1/pax.1">pax(1)</a>/<a href="https://man.openbsd.org/OpenBSD-current/man1/tar.1">tar(1)</a>. A source code patch exists for <a href="errata56.html#024_tar">5.6</a> and <a href="errata57.html#007_tar">5.7</a>.

<li>Don't add a separate .got.plt section as it would result in a partially writable GOT. <a href="https://man.openbsd.org/OpenBSD-current/man1/ld.so.1">ld.so(1)</a> will properly write-protect the single .got.

<li>Prevent a use after free in <a href="https://man.openbsd.org/OpenBSD-current/man4/tun.4">tun(4)</a>.

<li>In <a href="https://man.openbsd.org/OpenBSD-current/man4/ix.4">ix(4)</a>, set the correct media type for 1000baseLX SFPs.

Line 1134

Line 1140

<li>Rewrite of tmux mouse support which was a mess.

<li>Honour renumber-windows when unlinking a window.

</ul>

<li>5.5, 5.6 and 5.7 SECURITY FIX: logic error in <a href="https://man.openbsd.org/OpenBSD-current/man8/smtpd.8">smtpd(8)</a> handling of SNI. A source patch is available for <a href="errata55.html#025_smtpd">5.5</a>, <a href="errata56.html#021_smtpd">5.6</a> and <a href="errata57.html#004_smtpd">5.7</a>.

<li>5.5, 5.6 and 5.7 SECURITY FIX: logic error in <a href="https://man.openbsd.org/OpenBSD-current/man8/smtpd.8">smtpd(8)</a> handling of SNI. A source patch is available for <a href="errata55.html#025_smtpd">5.5</a>, <a href="errata56.html#021_smtpd">5.6</a> and <a href="errata57.html#004_smtpd">5.7</a>.

<li>Fix incorrect logic in <a href="https://man.openbsd.org/OpenBSD-current/man8/smtpd.8">smtpd(8)</a> that could lead to unexpected client disconnect, invalid certificate in SNI negotiation or server crash.

<li>Add support for x2apic mode. This is currently only enabled on hypervisors.

<li>In <a href="https://man.openbsd.org/OpenBSD-current/man1/mandoc.1">mandoc(1)</a>, if an explicit line break request (.br or .sp) occurs within an .HP block, the next line doesn't hang, but is simply indented.

Line 1380

Line 1386

<li>Fix a memory leak in an error path in LibreSSL (from OpenSSL commit 5e5d53d341fd9a9b9cc0a58eb3690832ca7a511f).

<li>Fix a small memory leak in <a href="https://man.openbsd.org/OpenBSD-current/man1/sort.1">sort(1)</a>.

<li>5.6 and 5.7 SECURITY FIX: several crash causing defects in OpenSSL (CVE-2015-0209, CVE-2015-0286, CVE-2015-0287, CVE-2015-0288 and CVE-2015-0289). A source code patch is available for <a href="errata56.html#020_openssl">5.6</a> and <a href="errata57.html#003_openssl">5.7</a>.

<li>5.6 and 5.7 SECURITY FIX: several crash causing defects in OpenSSL (CVE-2015-0209, CVE-2015-0286, CVE-2015-0287, CVE-2015-0288 and CVE-2015-0289). A source code patch is available for <a href="errata56.html#020_openssl">5.6</a> and <a href="errata57.html#003_openssl">5.7</a>.

<li>5.5 SECURITY FIX: two possible crash causing defects in OpenSSL (CVE-2015-0286 and CVE-2015-0292). A source code patch is available for <a href="errata55.html#024_openssl">5.5</a>.

<li>5.5 SECURITY FIX: two possible crash causing defects in OpenSSL (CVE-2015-0286 and CVE-2015-0292). A source code patch is available for <a href="errata55.html#024_openssl">5.5</a>.

<li>Fix CVE-2015-0209, CVE-2015-0286, CVE-2015-0287 and CVE-2015-0289 in LibreSSL.

<li>Deal with half-configured control pipes in dwc2, using the same workaround as in <a href="https://man.openbsd.org/OpenBSD-current/man4/ehci.4">ehci(4)</a> and <a href="https://man.openbsd.org/OpenBSD-current/man4/ohci.4">ohci(4)</a>.

Line 1395

Line 1401

<li>Reenable the pa1.1 fallback code for sha256 on hppa.

<li>"Handle" wccp2 packets if net.inet.gre.wccp is set to 2 by truncating skipping the wccp 2 header.

<li>5.5, 5.6 and 5.7 SECURITY FIX: buffer overflows in libXfont (CVE-2015-1802, CVE-2015-1803 and CVE-2015-1804). A source code patch is available for <a href="errata55.html#023_libxfont">5.5</a>, <a href="errata56.html#019_libxfont">5.6</a> and <a href="errata57.html#002_libxfont">5.7</a>.

<li>5.5, 5.6 and 5.7 SECURITY FIX: buffer overflows in libXfont (CVE-2015-1802, CVE-2015-1803 and CVE-2015-1804). A source code patch is available for <a href="errata55.html#023_libxfont">5.5</a>, <a href="errata56.html#019_libxfont">5.6</a> and <a href="errata57.html#002_libxfont">5.7</a>.

<li>Update to libXfont 1.5.1 which contains fixes for CVE-2015-1802, CVE-2015-1803 and CVE-2015-1804.

<li>Fix swap auto-allocation in <a href="https://man.openbsd.org/OpenBSD-current/man8/disklabel.8">disklabel(8)</a> for machines with very little memory.

<li>Replace <a href="https://man.openbsd.org/OpenBSD-current/man1/sort.1">sort(1)</a> with the implementation from FreeBSD.

Line 1470

Line 1476

<li>Correct buffer overflow in handling of pax extension headers, caught by the memcpy() overlap check.

</ul>

</body>

</html>