version 1.24, 2019/04/08 16:14:55 |
version 1.25, 2019/05/27 22:55:25 |
|
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> |
<!doctype html> |
<html> |
<html lang=en id=plus> |
<head> |
<meta charset=utf-8> |
<title>OpenBSD 5.8 Changelog</title> |
<title>OpenBSD 5.8 Changelog</title> |
<meta name="description" content="OpenBSD 5.8 changes"> |
<meta name="description" content="OpenBSD 5.8 changes"> |
<meta name="copyright" content="This document copyright 1996-2012 by OpenBSD."> |
|
<meta name="viewport" content="width=device-width, initial-scale=1"> |
<meta name="viewport" content="width=device-width, initial-scale=1"> |
<link rel="stylesheet" type="text/css" href="openbsd.css"> |
<link rel="stylesheet" type="text/css" href="openbsd.css"> |
<link rel="canonical" href="https://www.openbsd.org/plus58.html"> |
<link rel="canonical" href="https://www.openbsd.org/plus58.html"> |
</head> |
<style> |
|
strong { |
|
color: var(--red); |
|
font-weight: normal; |
|
} |
|
|
<body bgcolor="#ffffff" text="#000000" link="#23238e"> |
h3 { |
|
color: var(--blue); |
|
} |
|
</style> |
|
|
<h2> |
<h2 id=OpenBSD> |
<a href="index.html"> |
<a href="index.html"> |
<font color="#0000ff"><i>Open</i></font><font color="#000084">BSD</font></a> |
<i>Open</i><b>BSD</b></a> |
<font color="#e00000">5.8 Changelog</font> |
5.8 Changelog |
</h2> |
</h2> |
<hr> |
<hr> |
|
|
|
|
or use <a href="anoncvs.html#CVS">CVS</a>. |
or use <a href="anoncvs.html#CVS">CVS</a>. |
|
|
<p> |
<p> |
Note: <font color="#e00000">Problems for which patches exist are marked in red</font>. |
Note: <strong>Problems for which patches exist are marked in red</strong>. |
|
|
<p> |
<p> |
For changes in other releases, click below:<br> |
For changes in other releases, click below:<br> |
|
|
<br> |
<br> |
|
|
<p> |
<p> |
<h3><font color="#0000e0">Changes made between OpenBSD 5.7 and 5.8</font></h3> |
<h3>Changes made between OpenBSD 5.7 and 5.8</h3> |
<p> |
<p> |
|
|
<ul> |
<ul> |
|
|
<li>Fix a potential out-of-bounds read in <a href="https://man.openbsd.org/OpenBSD-current/man3/fnmatch.3">fnmatch(3)</a>. |
<li>Fix a potential out-of-bounds read in <a href="https://man.openbsd.org/OpenBSD-current/man3/fnmatch.3">fnmatch(3)</a>. |
<!-- 2015-07-30 --> |
<!-- 2015-07-30 --> |
<li>On armv7, make use of u-boot 2015.07's unified wandboard config to provide a miniroot to cover all current wandboard variations. |
<li>On armv7, make use of u-boot 2015.07's unified wandboard config to provide a miniroot to cover all current wandboard variations. |
<li><font color="#e00000">5.6 and 5.7 SECURITY FIX: the patch utility could become desyncronized processing <a href="https://man.openbsd.org/OpenBSD-current/man1/ed.1">ed(1)</a>-style diffs.</font><br>A source code patch exists for <a href="errata56.html#030_patch">5.6</a> and <a href="errata57.html#013_execve">5.7</a>. |
<li><strong>5.6 and 5.7 SECURITY FIX: the patch utility could become desyncronized processing <a href="https://man.openbsd.org/OpenBSD-current/man1/ed.1">ed(1)</a>-style diffs.</strong><br>A source code patch exists for <a href="errata56.html#030_patch">5.6</a> and <a href="errata57.html#013_execve">5.7</a>. |
<li>Prevent substitution commands ("s///") with a newline in the replacement pattern from confusing <a href="https://man.openbsd.org/OpenBSD-current/man1/patch.1">patch(1)</a> about the state of the <a href="https://man.openbsd.org/OpenBSD-current/man1/ed.1">ed(1)</a> child process is in. |
<li>Prevent substitution commands ("s///") with a newline in the replacement pattern from confusing <a href="https://man.openbsd.org/OpenBSD-current/man1/patch.1">patch(1)</a> about the state of the <a href="https://man.openbsd.org/OpenBSD-current/man1/ed.1">ed(1)</a> child process is in. |
<li>Turn off POOL_DEBUG for release. |
<li>Turn off POOL_DEBUG for release. |
<li>In <a href="https://man.openbsd.org/OpenBSD-current/man8/httpd.8">httpd(8)</a>, repair HSTS header output. |
<li>In <a href="https://man.openbsd.org/OpenBSD-current/man8/httpd.8">httpd(8)</a>, repair HSTS header output. |
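Review bot: In the patch(1) ed-style diff entry, the 5.7 link targets errata57.html#013_execve while the 5.6 link targets errata56.html#030_patch. The "execve" suffix does not match a patch utility fix and looks carried over from the systrace/execve entry (errata57.html#011_execve), so check it against the anchor actually defined in errata57.html; this revision copies the mismatch unchanged into the new strong-tagged line. In the same lines, "desyncronized" should read "desynchronized", and in the next entry "about the state of the ed(1) child process is in" should become "about the state the ed(1) child process is in".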
|
|
<li>On mips64, allow coalescing of IPI requests on mips64, to make IPI sending non-blocking. |
<li>On mips64, allow coalescing of IPI requests on mips64, to make IPI sending non-blocking. |
<li>In <a href="https://man.openbsd.org/OpenBSD-current/man8/sshd.8">sshd(8)</a>, permit <a href="https://man.openbsd.org/OpenBSD-current/man2/kbind.2">kbind(2)</a> use in the sandbox. |
<li>In <a href="https://man.openbsd.org/OpenBSD-current/man8/sshd.8">sshd(8)</a>, permit <a href="https://man.openbsd.org/OpenBSD-current/man2/kbind.2">kbind(2)</a> use in the sandbox. |
<li>Enforce <a href="https://man.openbsd.org/OpenBSD-5.8/man2/tame.2">tame(2)</a> by disabling all TAME_ flags if tame_fail() is reached, not only if TAME_ABORT is set. |
<li>Enforce <a href="https://man.openbsd.org/OpenBSD-5.8/man2/tame.2">tame(2)</a> by disabling all TAME_ flags if tame_fail() is reached, not only if TAME_ABORT is set. |
<li><font color="#e00000">5.6 and 5.7 SECURITY FIX: the patch utility could be made to invoke arbitrary commands via the obsolete RCS support when processing a crafted input file.</font><br>A source code patch exists for <a href="errata56.html#029_patch">5.6</a> and <a href="errata57.html#012_execve">5.7</a>. These patches remove the RCS support. |
<li><strong>5.6 and 5.7 SECURITY FIX: the patch utility could be made to invoke arbitrary commands via the obsolete RCS support when processing a crafted input file.</strong><br>A source code patch exists for <a href="errata56.html#029_patch">5.6</a> and <a href="errata57.html#012_execve">5.7</a>. These patches remove the RCS support. |
<li><font color="#e00000">5.6 and 5.7 SECURITY FIX: a kernel memory leak could be triggered by an unprivileged user in a failure case when using execve under systrace.</font><br>A source code patch exists for <a href="errata56.html#028_execve">5.6</a> and <a href="errata57.html#011_execve">5.7</a>. |
<li><strong>5.6 and 5.7 SECURITY FIX: a kernel memory leak could be triggered by an unprivileged user in a failure case when using execve under systrace.</strong><br>A source code patch exists for <a href="errata56.html#028_execve">5.6</a> and <a href="errata57.html#011_execve">5.7</a>. |
<li>In <a href="https://man.openbsd.org/OpenBSD-current/man8/radiusd.8">radiusd(8)</a>, make the modules priviledge-separated. |
<li>In <a href="https://man.openbsd.org/OpenBSD-current/man8/radiusd.8">radiusd(8)</a>, make the modules priviledge-separated. |
<li>In <a href="https://man.openbsd.org/OpenBSD-current/man1/tmux.1">tmux(1)</a>, make -q suppress ambiguous option warnings too. |
<li>In <a href="https://man.openbsd.org/OpenBSD-current/man1/tmux.1">tmux(1)</a>, make -q suppress ambiguous option warnings too. |
<!-- 2015-07-26 --> |
<!-- 2015-07-26 --> |
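Review bot: The RCS-support entry links 5.7 to errata57.html#012_execve although its 5.6 counterpart is errata56.html#029_patch and the fix is in the patch utility; verify that anchor name against errata57.html before carrying it into the strong-tagged version. Also in this hunk, "priviledge-separated" in the radiusd(8) entry should be "privilege-separated", and the IPI entry names the platform twice ("On mips64, allow coalescing of IPI requests on mips64"), so the second "on mips64" can go.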
|
|
<li>Flense out dead code (Coverity CIDs 21691 and 21698). |
<li>Flense out dead code (Coverity CIDs 21691 and 21698). |
</ul> |
</ul> |
<li>In <a href="https://man.openbsd.org/OpenBSD-current/man8/httpd.8">httpd(8)</a>, allow the certificate and key to each be almost 16 kB rather than having a combined total of less than 16 kB. |
<li>In <a href="https://man.openbsd.org/OpenBSD-current/man8/httpd.8">httpd(8)</a>, allow the certificate and key to each be almost 16 kB rather than having a combined total of less than 16 kB. |
<li><font color="#e00000">5.6 and 5.7 SECURITY FIX: a TCP socket can become confused and not properly cleanup resources.</font><br>A source code patch exists for <a href="errata56.html#027_tcp">5.6</a> and <a href="errata57.html#010_tcp">5.7</a>. |
<li><strong>5.6 and 5.7 SECURITY FIX: a TCP socket can become confused and not properly cleanup resources.</strong><br>A source code patch exists for <a href="errata56.html#027_tcp">5.6</a> and <a href="errata57.html#010_tcp">5.7</a>. |
<li>In <a href="https://man.openbsd.org/OpenBSD-current/man8/httpd.8">httpd(8)</a>: |
<li>In <a href="https://man.openbsd.org/OpenBSD-current/man8/httpd.8">httpd(8)</a>: |
<ul> |
<ul> |
<li>Fix memory leaks that can occur when config_getserver() fails. |
<li>Fix memory leaks that can occur when config_getserver() fails. |
|
|
<li>Add four new sensors to <a href="https://man.openbsd.org/OpenBSD-current/man4/upd.4">upd(4)</a>. |
<li>Add four new sensors to <a href="https://man.openbsd.org/OpenBSD-current/man4/upd.4">upd(4)</a>. |
<!-- 2015-06-16 --> |
<!-- 2015-06-16 --> |
<li>On mips64, let alloc_contiguous_pages() round the allocation size to a page boundary, not to a u-area boundary. |
<li>On mips64, let alloc_contiguous_pages() round the allocation size to a page boundary, not to a u-area boundary. |
<li>On sgi, clear the PIC `write request' memory at initialization time. There is apparently a risk of spurious parity errors if we don't. |
<li>On sgi, clear the PIC 'write request' memory at initialization time. There is apparently a risk of spurious parity errors if we don't. |
<li>Store a unique ID, an interface index, rather than a pointer to the receiving interface in the packet header of every mbuf. This will simplify garbage collection of mbufs and limit problems with dangling ifp pointers. |
<li>Store a unique ID, an interface index, rather than a pointer to the receiving interface in the packet header of every mbuf. This will simplify garbage collection of mbufs and limit problems with dangling ifp pointers. |
<!-- 2015-06-15 --> |
<!-- 2015-06-15 --> |
<li>In <a href="https://man.openbsd.org/OpenBSD-current/man8/sylogd.8">syslogd(8)</a>, implement -F to stay in the foreground. |
<li>In <a href="https://man.openbsd.org/OpenBSD-current/man8/sylogd.8">syslogd(8)</a>, implement -F to stay in the foreground. |
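Review bot: The syslogd(8) entry's href still reads man8/sylogd.8 in the new line, so the link text and the link target disagree and the target is missing the "s" of syslogd. Change the path to man8/syslogd.8 so the reference resolves to the manual page the entry names.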
|
|
<li>In <a href="https://man.openbsd.org/OpenBSD-current/man8/pppd.8">pppd(8)</a>, use memmove() for potentially overlapping regions. |
<li>In <a href="https://man.openbsd.org/OpenBSD-current/man8/pppd.8">pppd(8)</a>, use memmove() for potentially overlapping regions. |
<li>Fix <a href="https://man.openbsd.org/OpenBSD-current/man4/rtwn.4">rtwn(4)</a> wifi LED support. |
<li>Fix <a href="https://man.openbsd.org/OpenBSD-current/man4/rtwn.4">rtwn(4)</a> wifi LED support. |
<!-- 2015-06-11 --> |
<!-- 2015-06-11 --> |
<li><font color="#e00000">5.6 and 5.7 SECURITY FIX: several defects from OpenSSL (CVE-2015-1788, CVE-2015-1789, CVE-2015-1792). For more information, see the <a href="https://www.openssl.org/news/secadv_20150611.txt">OpenSSL advisory</a>.</font><br>A source code patch exists for <a href="errata56.html#026_openssl">5.6</a> and <a href="errata57.html#009_openssl">5.7</a>. |
<li><strong>5.6 and 5.7 SECURITY FIX: several defects from OpenSSL (CVE-2015-1788, CVE-2015-1789, CVE-2015-1792). For more information, see the <a href="https://www.openssl.org/news/secadv_20150611.txt">OpenSSL advisory</a>.</strong><br>A source code patch exists for <a href="errata56.html#026_openssl">5.6</a> and <a href="errata57.html#009_openssl">5.7</a>. |
<li><font color="#e00000">5.6 and 5.7 SECURITY FIX: multiple reliability issues in smtpd.</font><br>A source code patch exists for <a href="errata56.html#025_smtpd">5.6</a> and <a href="errata57.html#008_smtpd">5.7</a>. |
<li><strong>5.6 and 5.7 SECURITY FIX: multiple reliability issues in smtpd.</strong><br>A source code patch exists for <a href="errata56.html#025_smtpd">5.6</a> and <a href="errata57.html#008_smtpd">5.7</a>. |
<li>In libiberty, prevent an integer overflow leading to a heap-buffer overflow (CVE-2012-3509). |
<li>In libiberty, prevent an integer overflow leading to a heap-buffer overflow (CVE-2012-3509). |
<li>In LibreSSL: |
<li>In LibreSSL: |
<ul> |
<ul> |
|
|
<li>On sparc, override PIE range constants with a variable which is decided at runtime, in order to only enable PIE on sun4m which has a large enough address space. |
<li>On sparc, override PIE range constants with a variable which is decided at runtime, in order to only enable PIE on sun4m which has a large enough address space. |
<li>In the lazy binding routine, make sure we actually allocate the stack we need, instead of corrupting the caller's stack by mistake. This fixes segfaults in __powerpc_read_tcb() reported on earlier G3 systems. |
<li>In the lazy binding routine, make sure we actually allocate the stack we need, instead of corrupting the caller's stack by mistake. This fixes segfaults in __powerpc_read_tcb() reported on earlier G3 systems. |
<li>Enable secureplt by default on alpha. |
<li>Enable secureplt by default on alpha. |
<li>Allow <a href="https://man.openbsd.org/OpenBSD-current/man1/gcc.1">gcc(1) to produce more precise relocation information on alpha. This will be necessary to enable secureplt by default. |
<li>Allow <a href="https://man.openbsd.org/OpenBSD-current/man1/gcc.1">gcc(1)</a> to produce more precise relocation information on alpha. This will be necessary to enable secureplt by default. |
<li>Switch m88k ports to binutils 2.17. |
<li>Switch m88k ports to binutils 2.17. |
<li>In <a href="https://man.openbsd.org/OpenBSD-current/man8/relayd.8">relayd(8)</a>, fix a memory leak in an error path. |
<li>In <a href="https://man.openbsd.org/OpenBSD-current/man8/relayd.8">relayd(8)</a>, fix a memory leak in an error path. |
<!-- 2015-05-31 --> |
<!-- 2015-05-31 --> |
|
|
<li>In <a href="https://man.openbsd.org/OpenBSD-current/man8/sshd.8">sshd(8)</a>, prevent authorized_keys options picked up on public key tests without a corresponding private key authentication being applied to other authentication methods. |
<li>In <a href="https://man.openbsd.org/OpenBSD-current/man8/sshd.8">sshd(8)</a>, prevent authorized_keys options picked up on public key tests without a corresponding private key authentication being applied to other authentication methods. |
<li>Pass fflag to VOP_POLL so vfs fifo functions can get at the file flags to check FREAD/FWRITE if needed. |
<li>Pass fflag to VOP_POLL so vfs fifo functions can get at the file flags to check FREAD/FWRITE if needed. |
<li>Avoid a NULL dereference in fd_getfile_mode(). |
<li>Avoid a NULL dereference in fd_getfile_mode(). |
<li><font color="#e00000">5.6 and 5.7 SECURITY FIX: a remote user can crash <a href="https://man.openbsd.org/OpenBSD-current/man8/httpd.8">httpd(8)</a>.</font><br>A source code patch exists for <a href="errata56.html#022_httpd">5.6</a> and <a href="errata57.html#005_httpd">5.7</a>. |
<li><strong>5.6 and 5.7 SECURITY FIX: a remote user can crash <a href="https://man.openbsd.org/OpenBSD-current/man8/httpd.8">httpd(8)</a>.</strong><br>A source code patch exists for <a href="errata56.html#022_httpd">5.6</a> and <a href="errata57.html#005_httpd">5.7</a>. |
<li><font color="#e00000">5.6 and 5.7 SECURITY FIX: malformed binaries could trigger kernel panics or view kernel memory</font><br>A source code patch exists for <a href="errata56.html#023_elf">5.6</a> and <a href="errata57.html#006_elf">5.7</a>. |
<li><strong>5.6 and 5.7 SECURITY FIX: malformed binaries could trigger kernel panics or view kernel memory</strong><br>A source code patch exists for <a href="errata56.html#023_elf">5.6</a> and <a href="errata57.html#006_elf">5.7</a>. |
<li><font color="#e00000">5.6 and 5.7 SECURITY FIX: multiple issues in <a href="https://man.openbsd.org/OpenBSD-current/man1/cpio.1">cpio(1)</a>/<a href="https://man.openbsd.org/OpenBSD-current/man1/pax.1">pax(1)</a>/<a href="https://man.openbsd.org/OpenBSD-current/man1/tar.1">tar(1)</a>.</font><br>A source code patch exists for <a href="errata56.html#024_tar">5.6</a> and <a href="errata57.html#007_tar">5.7</a>. |
<li><strong>5.6 and 5.7 SECURITY FIX: multiple issues in <a href="https://man.openbsd.org/OpenBSD-current/man1/cpio.1">cpio(1)</a>/<a href="https://man.openbsd.org/OpenBSD-current/man1/pax.1">pax(1)</a>/<a href="https://man.openbsd.org/OpenBSD-current/man1/tar.1">tar(1)</a>.</strong><br>A source code patch exists for <a href="errata56.html#024_tar">5.6</a> and <a href="errata57.html#007_tar">5.7</a>. |
<li>Don't add a separate .got.plt section as it would result in a partially writable GOT. <a href="https://man.openbsd.org/OpenBSD-current/man1/ld.so.1">ld.so(1)</a> will properly write-protect the single .got. |
<li>Don't add a separate .got.plt section as it would result in a partially writable GOT. <a href="https://man.openbsd.org/OpenBSD-current/man1/ld.so.1">ld.so(1)</a> will properly write-protect the single .got. |
<li>Prevent a use after free in <a href="https://man.openbsd.org/OpenBSD-current/man4/tun.4">tun(4)</a>. |
<li>Prevent a use after free in <a href="https://man.openbsd.org/OpenBSD-current/man4/tun.4">tun(4)</a>. |
<li>In <a href="https://man.openbsd.org/OpenBSD-current/man4/ix.4">ix(4)</a>, set the correct media type for 1000baseLX SFPs. |
<li>In <a href="https://man.openbsd.org/OpenBSD-current/man4/ix.4">ix(4)</a>, set the correct media type for 1000baseLX SFPs. |
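Review bot: The ELF entry ("malformed binaries could trigger kernel panics or view kernel memory") is the only SECURITY FIX line in this hunk that ends without a period before the closing tag; the httpd(8) and cpio(1)/pax(1)/tar(1) entries next to it both have one. Add the period while the line is being rewritten from font to strong.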
|
|
<li>Rewrite of tmux mouse support which was a mess. |
<li>Rewrite of tmux mouse support which was a mess. |
<li>Honour renumber-windows when unlinking a window. |
<li>Honour renumber-windows when unlinking a window. |
</ul> |
</ul> |
<li><font color="#e00000">5.5, 5.6 and 5.7 SECURITY FIX: logic error in <a href="https://man.openbsd.org/OpenBSD-current/man8/smtpd.8">smtpd(8)</a> handling of SNI.</font><br>A source patch is available for <a href="errata55.html#025_smtpd">5.5</a>, <a href="errata56.html#021_smtpd">5.6</a> and <a href="errata57.html#004_smtpd">5.7</a>. |
<li><strong>5.5, 5.6 and 5.7 SECURITY FIX: logic error in <a href="https://man.openbsd.org/OpenBSD-current/man8/smtpd.8">smtpd(8)</a> handling of SNI.</strong><br>A source patch is available for <a href="errata55.html#025_smtpd">5.5</a>, <a href="errata56.html#021_smtpd">5.6</a> and <a href="errata57.html#004_smtpd">5.7</a>. |
<li>Fix incorrect logic in <a href="https://man.openbsd.org/OpenBSD-current/man8/smtpd.8">smtpd(8)</a> that could lead to unexpected client disconnect, invalid certificate in SNI negotiation or server crash. |
<li>Fix incorrect logic in <a href="https://man.openbsd.org/OpenBSD-current/man8/smtpd.8">smtpd(8)</a> that could lead to unexpected client disconnect, invalid certificate in SNI negotiation or server crash. |
<li>Add support for x2apic mode. This is currently only enabled on hypervisors. |
<li>Add support for x2apic mode. This is currently only enabled on hypervisors. |
<li>In <a href="https://man.openbsd.org/OpenBSD-current/man1/mandoc.1">mandoc(1)</a>, if an explicit line break request (.br or .sp) occurs within an .HP block, the next line doesn't hang, but is simply indented. |
<li>In <a href="https://man.openbsd.org/OpenBSD-current/man1/mandoc.1">mandoc(1)</a>, if an explicit line break request (.br or .sp) occurs within an .HP block, the next line doesn't hang, but is simply indented. |
|
|
<!-- 2015-03-19 --> |
<!-- 2015-03-19 --> |
<li>Fix a memory leak in an error path in LibreSSL (from OpenSSL commit 5e5d53d341fd9a9b9cc0a58eb3690832ca7a511f). |
<li>Fix a memory leak in an error path in LibreSSL (from OpenSSL commit 5e5d53d341fd9a9b9cc0a58eb3690832ca7a511f). |
<li>Fix a small memory leak in <a href="https://man.openbsd.org/OpenBSD-current/man1/sort.1">sort(1)</a>. |
<li>Fix a small memory leak in <a href="https://man.openbsd.org/OpenBSD-current/man1/sort.1">sort(1)</a>. |
<li><font color="#e00000">5.6 and 5.7 SECURITY FIX: several crash causing defects in OpenSSL (CVE-2015-0209, CVE-2015-0286, CVE-2015-0287, CVE-2015-0288 and CVE-2015-0289).</font><br>A source code patch is available for <a href="errata56.html#020_openssl">5.6</a> and <a href="errata57.html#003_openssl">5.7</a>. |
<li><strong>5.6 and 5.7 SECURITY FIX: several crash causing defects in OpenSSL (CVE-2015-0209, CVE-2015-0286, CVE-2015-0287, CVE-2015-0288 and CVE-2015-0289).</strong><br>A source code patch is available for <a href="errata56.html#020_openssl">5.6</a> and <a href="errata57.html#003_openssl">5.7</a>. |
<li><font color="#e00000">5.5 SECURITY FIX: two possible crash causing defects in OpenSSL (CVE-2015-0286 and CVE-2015-0292).</font><br>A source code patch is available for <a href="errata55.html#024_openssl">5.5</a>. |
<li><strong>5.5 SECURITY FIX: two possible crash causing defects in OpenSSL (CVE-2015-0286 and CVE-2015-0292).</strong><br>A source code patch is available for <a href="errata55.html#024_openssl">5.5</a>. |
<li>Fix CVE-2015-0209, CVE-2015-0286, CVE-2015-0287 and CVE-2015-0289 in LibreSSL. |
<li>Fix CVE-2015-0209, CVE-2015-0286, CVE-2015-0287 and CVE-2015-0289 in LibreSSL. |
<li>Deal with half-configured control pipes in dwc2, using the same workaround as in <a href="https://man.openbsd.org/OpenBSD-current/man4/ehci.4">ehci(4)</a> and <a href="https://man.openbsd.org/OpenBSD-current/man4/ohci.4">ohci(4)</a>. |
<li>Deal with half-configured control pipes in dwc2, using the same workaround as in <a href="https://man.openbsd.org/OpenBSD-current/man4/ehci.4">ehci(4)</a> and <a href="https://man.openbsd.org/OpenBSD-current/man4/ohci.4">ohci(4)</a>. |
<!-- 2015-03-18 --> |
<!-- 2015-03-18 --> |
|
|
<!-- 2015-03-17 --> |
<!-- 2015-03-17 --> |
<li>Reenable the pa1.1 fallback code for sha256 on hppa. |
<li>Reenable the pa1.1 fallback code for sha256 on hppa. |
<li>"Handle" wccp2 packets if net.inet.gre.wccp is set to 2 by truncating skipping the wccp 2 header. |
<li>"Handle" wccp2 packets if net.inet.gre.wccp is set to 2 by truncating skipping the wccp 2 header. |
<li><font color="#e00000">5.5, 5.6 and 5.7 SECURITY FIX: buffer overflows in libXfont (CVE-2015-1802, CVE-2015-1803 and CVE-2015-1804).</font><br>A source code patch is available for <a href="errata55.html#023_libxfont">5.5</a>, <a href="errata56.html#019_libxfont">5.6</a> and <a href="errata57.html#002_libxfont">5.7</a>. |
<li><strong>5.5, 5.6 and 5.7 SECURITY FIX: buffer overflows in libXfont (CVE-2015-1802, CVE-2015-1803 and CVE-2015-1804).</strong><br>A source code patch is available for <a href="errata55.html#023_libxfont">5.5</a>, <a href="errata56.html#019_libxfont">5.6</a> and <a href="errata57.html#002_libxfont">5.7</a>. |
<li>Update to libXfont 1.5.1 which contains fixes for CVE-2015-1802, CVE-2015-1803 and CVE-2015-1804. |
<li>Update to libXfont 1.5.1 which contains fixes for CVE-2015-1802, CVE-2015-1803 and CVE-2015-1804. |
<li>Fix swap auto-allocation in <a href="https://man.openbsd.org/OpenBSD-current/man8/disklabel.8">disklabel(8)</a> for machines with very little memory. |
<li>Fix swap auto-allocation in <a href="https://man.openbsd.org/OpenBSD-current/man8/disklabel.8">disklabel(8)</a> for machines with very little memory. |
<li>Replace <a href="https://man.openbsd.org/OpenBSD-current/man1/sort.1">sort(1)</a> with the implementation from FreeBSD. |
<li>Replace <a href="https://man.openbsd.org/OpenBSD-current/man1/sort.1">sort(1)</a> with the implementation from FreeBSD. |
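Review bot: The wccp2 entry reads "by truncating skipping the wccp 2 header", with two verbs run together and no conjunction, so it is unclear whether the header is truncated, skipped, or both. Keep whichever verb matches the commit, and spell the protocol one way, since the same sentence uses both "wccp2" and "wccp 2".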
|
|
<li>Correct buffer overflow in handling of pax extension headers, caught by the memcpy() overlap check. |
<li>Correct buffer overflow in handling of pax extension headers, caught by the memcpy() overlap check. |
</ul> |
</ul> |
</ul> |
</ul> |
<p> |
|
|
|
</body> |
|
</html> |
|