version 1.337, 2006/11/20 01:35:19 |
version 1.338, 2007/01/03 21:14:39 |
|
|
<meta name="description" content="OpenBSD advisories"> |
<meta name="description" content="OpenBSD advisories"> |
<meta name="keywords" content="openbsd,main"> |
<meta name="keywords" content="openbsd,main"> |
<meta name="distribution" content="global"> |
<meta name="distribution" content="global"> |
<meta name="copyright" content="This document copyright 1997-2004 by OpenBSD."> |
<meta name="copyright" content="This document copyright 1997-2007 by OpenBSD."> |
</head> |
</head> |
|
|
<body bgcolor="#ffffff" text="#000000" link="#23238E"> |
<body bgcolor="#ffffff" text="#000000" link="#23238E"> |
|
|
|
|
<p> |
<p> |
<ul> |
<ul> |
|
<li><a href="errata.html#agp">Jan 3, 2007: |
|
Insufficient validation in vga(4) may allow an attacker to gain |
|
root privileges on some i386 systems.</a> |
<li><a href="errata.html#ldso">Nov 19, 2006: |
<li><a href="errata.html#ldso">Nov 19, 2006: |
ld.so(1) fails to properly sanitize the environment.</a> |
ld.so(1) fails to properly sanitize the environment.</a> |
<li><a href="errata.html#systrace">Nov 4, 2006: |
<li><a href="errata.html#systrace">Nov 4, 2006: |
|
|
|
|
<p> |
<p> |
<ul> |
<ul> |
|
<li><a href="errata39.html#agp">Jan 3, 2007: |
|
Insufficient validation in vga(4) may allow an attacker to gain |
|
root privileges on some i386 systems.</a> |
<li><a href="errata39.html#ldso">Nov 19, 2006: |
<li><a href="errata39.html#ldso">Nov 19, 2006: |
ld.so(1) fails to properly sanitize the environment.</a> |
ld.so(1) fails to properly sanitize the environment.</a> |
<li><a href="errata39.html#ssh">Oct 12, 2006: |
<li><a href="errata39.html#ssh">Oct 12, 2006: |
|
|
of asynchronous signals.</a> |
of asynchronous signals.</a> |
</ul> |
</ul> |
|
|
|
<p> |
|
OpenBSD 3.8 and earlier releases are not supported anymore. The following |
|
paragraphs only list advisories issued while they were maintained; these |
|
releases are likely to be affected by the advisories for more recent releases. |
|
<br> |
|
|
<li> |
<li> |
<a name="38"></a> |
<a name="38"></a> |
|
|
|
|
A buffer overflow has been found in the Perl interpreter with the |
A buffer overflow has been found in the Perl interpreter with the |
sprintf function which may be exploitable under certain conditions.</a> |
sprintf function which may be exploitable under certain conditions.</a> |
</ul> |
</ul> |
|
|
<p> |
|
OpenBSD 3.7 and earlier releases are not supported anymore. The following |
|
paragraphs only list advisories issued while they were maintained; these |
|
releases are likely to be affected by the advisories for more recent releases. |
|
<br> |
|
|
|
<li> |
<li> |
<a name="37"></a> |
<a name="37"></a> |