| version 1.320, 2006/02/12 10:25:39 |
version 1.321, 2006/03/25 22:09:16 |
|
|
| <a href="#35">3.5</a>, |
<a href="#35">3.5</a>, |
| <a href="#36">3.6</a>, |
<a href="#36">3.6</a>, |
| <a href="#37">3.7</a>, |
<a href="#37">3.7</a>, |
| <a href="#38">3.8</a>. |
<a href="#38">3.8</a>, |
| |
<a href="#39">3.9</a>. |
| </td> |
</td> |
| </tr> |
</tr> |
| </table> |
</table> |
|
|
| <li><h3><font color="#e00000">Advisories</font></h3><p> |
<li><h3><font color="#e00000">Advisories</font></h3><p> |
| |
|
| <li> |
<li> |
| |
<a name="39"></a> |
| |
|
| |
<h3><font color="#e00000">OpenBSD 3.9 Security Advisories</font></h3> |
| |
These are the OpenBSD 3.9 advisories -- all these problems are solved |
| |
in <a href=anoncvs.html>OpenBSD current</a> and the |
| |
<a href=stable.html>patch branch</a>. |
| |
|
| |
<p> |
| |
<ul> |
| |
<li><a href="errata.html#sendmail">Mar 25, 2006: |
| |
A race condition has been reported to exist in the handling by sendmail |
| |
of asynchronous signals.</a> |
| |
</ul> |
| |
|
| |
<li> |
| <a name="38"></a> |
<a name="38"></a> |
| |
|
| <h3><font color="#e00000">OpenBSD 3.8 Security Advisories</font></h3> |
<h3><font color="#e00000">OpenBSD 3.8 Security Advisories</font></h3> |
|
|
| |
|
| <p> |
<p> |
| <ul> |
<ul> |
| <li><a href="errata.html#ssh">Feb 12, 2006: |
<li><a href="errata38.html#sendmail">Mar 25, 2006: |
| |
A race condition has been reported to exist in the handling by sendmail |
| |
of asynchronous signals.</a> |
| |
<li><a href="errata38.html#ssh">Feb 12, 2006: |
| Josh Bressers has reported a weakness in OpenSSH caused due to the |
Josh Bressers has reported a weakness in OpenSSH caused due to the |
| insecure use of the system(3) function in scp(1) when performing copy |
insecure use of the system(3) function in scp(1) when performing copy |
| operations using filenames that are supplied by the user from the |
operations using filenames that are supplied by the user from the |
| command line.</a> |
command line.</a> |
| <li><a href="errata.html#fd">Jan 5, 2006: |
<li><a href="errata38.html#fd">Jan 5, 2006: |
| Do not allow users to trick suid programs into re-opening files via |
Do not allow users to trick suid programs into re-opening files via |
| /dev/fd.</a> |
/dev/fd.</a> |
| <li><a href="errata.html#perl">Jan 5, 2006: |
<li><a href="errata38.html#perl">Jan 5, 2006: |
| A buffer overflow has been found in the Perl interpreter with the |
A buffer overflow has been found in the Perl interpreter with the |
| sprintf function which may be exploitable under certain conditions.</a> |
sprintf function which may be exploitable under certain conditions.</a> |
| </ul> |
</ul> |
|
|
| |
|
| <p> |
<p> |
| <ul> |
<ul> |
| |
<li><a href="errata37.html#sendmail">Mar 25, 2006: |
| |
A race condition has been reported to exist in the handling by sendmail |
| |
of asynchronous signals.</a> |
| <li><a href="errata37.html#ssh">Feb 12, 2006: |
<li><a href="errata37.html#ssh">Feb 12, 2006: |
| Josh Bressers has reported a weakness in OpenSSH caused due to the |
Josh Bressers has reported a weakness in OpenSSH caused due to the |
| insecure use of the system(3) function in scp(1) when performing copy |
insecure use of the system(3) function in scp(1) when performing copy |
![[BACK]](/icons/back.gif){kind=icon}
Return to security.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www