| version 1.337, 2006/11/20 01:35:19 |
version 1.338, 2007/01/03 21:14:39 |
|
|
| <meta name="description" content="OpenBSD advisories"> |
<meta name="description" content="OpenBSD advisories"> |
| <meta name="keywords" content="openbsd,main"> |
<meta name="keywords" content="openbsd,main"> |
| <meta name="distribution" content="global"> |
<meta name="distribution" content="global"> |
| <meta name="copyright" content="This document copyright 1997-2004 by OpenBSD."> |
<meta name="copyright" content="This document copyright 1997-2007 by OpenBSD."> |
| </head> |
</head> |
| |
|
| <body bgcolor="#ffffff" text="#000000" link="#23238E"> |
<body bgcolor="#ffffff" text="#000000" link="#23238E"> |
|
|
| |
|
| <p> |
<p> |
| <ul> |
<ul> |
| |
<li><a href="errata.html#agp">Jan 3, 2007: |
| |
Insufficient validation in vga(4) may allow an attacker to gain |
| |
root privileges on some i386 systems.</a> |
| <li><a href="errata.html#ldso">Nov 19, 2006: |
<li><a href="errata.html#ldso">Nov 19, 2006: |
| ld.so(1) fails to properly sanitize the environment.</a> |
ld.so(1) fails to properly sanitize the environment.</a> |
| <li><a href="errata.html#systrace">Nov 4, 2006: |
<li><a href="errata.html#systrace">Nov 4, 2006: |
|
|
| |
|
| <p> |
<p> |
| <ul> |
<ul> |
| |
<li><a href="errata39.html#agp">Jan 3, 2007: |
| |
Insufficient validation in vga(4) may allow an attacker to gain |
| |
root privileges on some i386 systems.</a> |
| <li><a href="errata39.html#ldso">Nov 19, 2006: |
<li><a href="errata39.html#ldso">Nov 19, 2006: |
| ld.so(1) fails to properly sanitize the environment.</a> |
ld.so(1) fails to properly sanitize the environment.</a> |
| <li><a href="errata39.html#ssh">Oct 12, 2006: |
<li><a href="errata39.html#ssh">Oct 12, 2006: |
|
|
| of asynchronous signals.</a> |
of asynchronous signals.</a> |
| </ul> |
</ul> |
| |
|
| |
<p> |
| |
OpenBSD 3.8 and earlier releases are not supported anymore. The following |
| |
paragraphs only list advisories issued while they were maintained; these |
| |
releases are likely to be affected by the advisories for more recent releases. |
| |
<br> |
| |
|
| <li> |
<li> |
| <a name="38"></a> |
<a name="38"></a> |
| |
|
|
|
| A buffer overflow has been found in the Perl interpreter with the |
A buffer overflow has been found in the Perl interpreter with the |
| sprintf function which may be exploitable under certain conditions.</a> |
sprintf function which may be exploitable under certain conditions.</a> |
| </ul> |
</ul> |
| |
|
| <p> |
|
| OpenBSD 3.7 and earlier releases are not supported anymore. The following |
|
| paragraphs only list advisories issued while they were maintained; these |
|
| releases are likely to be affected by the advisories for more recent releases. |
|
| <br> |
|
| |
|
| <li> |
<li> |
| <a name="37"></a> |
<a name="37"></a> |
![[BACK]](/icons/back.gif){kind=icon}
Return to security.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www