version 1.320, 2006/02/12 10:25:39 |
version 1.321, 2006/03/25 22:09:16 |
|
|
<a href="#35">3.5</a>, |
<a href="#35">3.5</a>, |
<a href="#36">3.6</a>, |
<a href="#36">3.6</a>, |
<a href="#37">3.7</a>, |
<a href="#37">3.7</a>, |
<a href="#38">3.8</a>. |
<a href="#38">3.8</a>, |
|
<a href="#39">3.9</a>. |
</td> |
</td> |
</tr> |
</tr> |
</table> |
</table> |
|
|
<li><h3><font color="#e00000">Advisories</font></h3><p> |
<li><h3><font color="#e00000">Advisories</font></h3><p> |
|
|
<li> |
<li> |
|
<a name="39"></a> |
|
|
|
<h3><font color="#e00000">OpenBSD 3.9 Security Advisories</font></h3> |
|
These are the OpenBSD 3.9 advisories -- all these problems are solved |
|
in <a href=anoncvs.html>OpenBSD current</a> and the |
|
<a href=stable.html>patch branch</a>. |
|
|
|
<p> |
|
<ul> |
|
<li><a href="errata.html#sendmail">Mar 25, 2006: |
|
A race condition has been reported to exist in the handling by sendmail |
|
of asynchronous signals.</a> |
|
</ul> |
|
|
|
<li> |
<a name="38"></a> |
<a name="38"></a> |
|
|
<h3><font color="#e00000">OpenBSD 3.8 Security Advisories</font></h3> |
<h3><font color="#e00000">OpenBSD 3.8 Security Advisories</font></h3> |
|
|
|
|
<p> |
<p> |
<ul> |
<ul> |
<li><a href="errata.html#ssh">Feb 12, 2006: |
<li><a href="errata38.html#sendmail">Mar 25, 2006: |
|
A race condition has been reported to exist in the handling by sendmail |
|
of asynchronous signals.</a> |
|
<li><a href="errata38.html#ssh">Feb 12, 2006: |
Josh Bressers has reported a weakness in OpenSSH caused due to the |
Josh Bressers has reported a weakness in OpenSSH caused due to the |
insecure use of the system(3) function in scp(1) when performing copy |
insecure use of the system(3) function in scp(1) when performing copy |
operations using filenames that are supplied by the user from the |
operations using filenames that are supplied by the user from the |
command line.</a> |
command line.</a> |
<li><a href="errata.html#fd">Jan 5, 2006: |
<li><a href="errata38.html#fd">Jan 5, 2006: |
Do not allow users to trick suid programs into re-opening files via |
Do not allow users to trick suid programs into re-opening files via |
/dev/fd.</a> |
/dev/fd.</a> |
<li><a href="errata.html#perl">Jan 5, 2006: |
<li><a href="errata38.html#perl">Jan 5, 2006: |
A buffer overflow has been found in the Perl interpreter with the |
A buffer overflow has been found in the Perl interpreter with the |
sprintf function which may be exploitable under certain conditions.</a> |
sprintf function which may be exploitable under certain conditions.</a> |
</ul> |
</ul> |
|
|
|
|
<p> |
<p> |
<ul> |
<ul> |
|
<li><a href="errata37.html#sendmail">Mar 25, 2006: |
|
A race condition has been reported to exist in the handling by sendmail |
|
of asynchronous signals.</a> |
<li><a href="errata37.html#ssh">Feb 12, 2006: |
<li><a href="errata37.html#ssh">Feb 12, 2006: |
Josh Bressers has reported a weakness in OpenSSH caused due to the |
Josh Bressers has reported a weakness in OpenSSH caused due to the |
insecure use of the system(3) function in scp(1) when performing copy |
insecure use of the system(3) function in scp(1) when performing copy |