For 2.7 security advisories.
For 2.6 security advisories.
For 2.5 security advisories.
*************** *** 181,186 **** --- 182,202 ----
OpenBSD 2.8 Security Advisories
+ These are the OpenBSD 2.8 advisories -- all these problems are solved + in OpenBSD current. Obviously, all the + OpenBSD 2.7 advisories listed below are fixed in OpenBSD 2.8. + ++
-
+
- No security advisories for 2.8 as of yet. + +
+
OpenBSD 2.7 Security Advisories
*************** *** 190,261 ****
-
!
- Oct 26, 2000: X11 libraries have 2 potential overflows in xtrans code. (patch included) !
- Oct 18, 2000: Apache mod_rewrite and mod_vhost_alias modules could expose files on the server in certain configurations if used. (patch included) !
- Oct 10, 2000: The telnet daemon does not strip out the TERMINFO, TERMINFO_DIRS, TERMPATH and TERMCAP environment variables as it should. (patch included) !
- Oct 6, 2000: There are printf-style format string bugs in several privileged programs. (patch included) !
- Oct 6, 2000: libcurses honored terminal descriptions in the $HOME/.terminfo directory as well as in the TERMCAP environment variable for setuid and setgid applications. (patch included) !
- Oct 6, 2000: A format string vulnerability exists in talkd(8). (patch included) !
- Oct 3, 2000: A format string vulnerability exists in the pw_error() function of the libutil library, yielding localhost root through chpass(1). (patch included) !
- Sep 18, 2000: Bad ESP/AH packets could cause a crash under certain conditions. (patch included) !
- Aug 16, 2000: A format string vulnerability (localhost root) exists in xlock(1). (patch included) !
- July 14, 2000: Various bugs found in X11 libraries have various side effects, almost completely denial of service in OpenBSD. (patch included) !
- July 5, 2000: Just like pretty much all the other unix ftp daemons on the planet, ftpd had a remote root hole in it. Luckily, ftpd was not enabled by default. The problem exists if anonymous ftp is enabled. (patch included) !
- July 5, 2000: Mopd, very rarely used, contained some buffer overflows. (patch included) !
- June 28, 2000: libedit would check for a .editrc file in the current directory. Not known to be a real security issue, but a patch is available anyways. (patch included) !
- June 24, 2000: A serious bug in dhclient(8) could allow strings from a malicious dhcp server to be executed in the shell as root. (patch included) !
- June 9, 2000: A serious bug in isakmpd(8) policy handling wherein policy verification could be completely bypassed in isakmpd. (patch included) !
- June 6, 2000: The non-default flag UseLogin in /etc/sshd_config is broken, should not be used, and results in security problems on other operating systems. !
- May 26, 2000: The bridge(4) learning flag may be bypassed. (patch included) !
- May 25, 2000:
Improper use of ipf keep-state rules can result
in firewall rules being bypassed. (patch included)
--- 206,280 ----
-
!
- Nov 10, 2000: ! Hostile servers can force OpenSSH clients to do agent or X11 forwarding. ! (patch included) !
- Oct 26, 2000: X11 libraries have 2 potential overflows in xtrans code. (patch included) !
- Oct 18, 2000: Apache mod_rewrite and mod_vhost_alias modules could expose files on the server in certain configurations if used. (patch included) !
- Oct 10, 2000: The telnet daemon does not strip out the TERMINFO, TERMINFO_DIRS, TERMPATH and TERMCAP environment variables as it should. (patch included) !
- Oct 6, 2000: There are printf-style format string bugs in several privileged programs. (patch included) !
- Oct 6, 2000: libcurses honored terminal descriptions in the $HOME/.terminfo directory as well as in the TERMCAP environment variable for setuid and setgid applications. (patch included) !
- Oct 6, 2000: A format string vulnerability exists in talkd(8). (patch included) !
- Oct 3, 2000: A format string vulnerability exists in the pw_error() function of the libutil library, yielding localhost root through chpass(1). (patch included) !
- Sep 18, 2000: Bad ESP/AH packets could cause a crash under certain conditions. (patch included) !
- Aug 16, 2000: A format string vulnerability (localhost root) exists in xlock(1). (patch included) !
- July 14, 2000: Various bugs found in X11 libraries have various side effects, almost completely denial of service in OpenBSD. (patch included) !
- July 5, 2000: Just like pretty much all the other unix ftp daemons on the planet, ftpd had a remote root hole in it. Luckily, ftpd was not enabled by default. The problem exists if anonymous ftp is enabled. (patch included) !
- July 5, 2000: Mopd, very rarely used, contained some buffer overflows. (patch included) !
- June 28, 2000: libedit would check for a .editrc file in the current directory. Not known to be a real security issue, but a patch is available anyways. (patch included) !
- June 24, 2000: A serious bug in dhclient(8) could allow strings from a malicious dhcp server to be executed in the shell as root. (patch included) !
- June 9, 2000: A serious bug in isakmpd(8) policy handling wherein policy verification could be completely bypassed in isakmpd. (patch included) !
- June 6, 2000: The non-default flag UseLogin in /etc/sshd_config is broken, should not be used, and results in security problems on other operating systems. !
- May 26, 2000: The bridge(4) learning flag may be bypassed. (patch included) !
- May 25, 2000:
Improper use of ipf keep-state rules can result
in firewall rules being bypassed. (patch included)
***************
*** 600,606 ****
www@openbsd.org
! $OpenBSD: security.html,v 1.151 2000/10/26 14:12:08 matthieu Exp $