| version 1.412, 2014/05/01 15:15:22 |
version 1.413, 2014/05/13 20:12:43 |
|
|
| <a name="38"></a> |
<a name="38"></a> |
| |
|
| <h3><font color="#e00000">OpenBSD 3.8 Security Advisories</font></h3> |
<h3><font color="#e00000">OpenBSD 3.8 Security Advisories</font></h3> |
| These are the OpenBSD 3.8 advisories -- all these problems are solved |
These are the OpenBSD 3.8 advisories -- all these problems are solved |
| in <a href=anoncvs.html>OpenBSD current</a> and the |
in <a href=anoncvs.html>OpenBSD current</a> and the |
| <a href=stable.html>patch branch</a>. |
<a href=stable.html>patch branch</a>. |
| |
|
|
|
| <a name="37"></a> |
<a name="37"></a> |
| |
|
| <h3><font color="#e00000">OpenBSD 3.7 Security Advisories</font></h3> |
<h3><font color="#e00000">OpenBSD 3.7 Security Advisories</font></h3> |
| These are the OpenBSD 3.7 advisories -- all these problems are solved |
These are the OpenBSD 3.7 advisories -- all these problems are solved |
| in <a href="anoncvs.html">OpenBSD current</a>. The |
in <a href="anoncvs.html">OpenBSD current</a>. The |
| <a href="stable.html">patch branch</a> for 3.7 is no longer being maintained, |
<a href="stable.html">patch branch</a> for 3.7 is no longer being maintained, |
| you should update your machine. |
you should update your machine. |
|
|
| <a name="36"></a> |
<a name="36"></a> |
| |
|
| <h3><font color="#e00000">OpenBSD 3.6 Security Advisories</font></h3> |
<h3><font color="#e00000">OpenBSD 3.6 Security Advisories</font></h3> |
| These are the OpenBSD 3.6 advisories -- all these problems are solved |
These are the OpenBSD 3.6 advisories -- all these problems are solved |
| in <a href="anoncvs.html">OpenBSD current</a>. The |
in <a href="anoncvs.html">OpenBSD current</a>. The |
| <a href="stable.html">patch branch</a> for 3.6 is no longer being maintained, |
<a href="stable.html">patch branch</a> for 3.6 is no longer being maintained, |
| you should update your machine. |
you should update your machine. |
|
|
| <a name="35"></a> |
<a name="35"></a> |
| |
|
| <h3><font color="#e00000">OpenBSD 3.5 Security Advisories</font></h3> |
<h3><font color="#e00000">OpenBSD 3.5 Security Advisories</font></h3> |
| These are the OpenBSD 3.5 advisories -- all these problems are solved |
These are the OpenBSD 3.5 advisories -- all these problems are solved |
| in <a href="anoncvs.html">OpenBSD current</a>. The |
in <a href="anoncvs.html">OpenBSD current</a>. The |
| <a href="stable.html">patch branch</a> for 3.5 is no longer being maintained, |
<a href="stable.html">patch branch</a> for 3.5 is no longer being maintained, |
| you should update your machine. |
you should update your machine. |
|
|
| to the possibility of principal impersonation from other |
to the possibility of principal impersonation from other |
| Kerberos realms if they are trusted with a cross-realm trust.</a> |
Kerberos realms if they are trusted with a cross-realm trust.</a> |
| <li><a href="errata35.html#xdm"> May 26, 2004: |
<li><a href="errata35.html#xdm"> May 26, 2004: |
| xdm(1) ignores the requestPort resource and creates a |
xdm(1) ignores the requestPort resource and creates a |
| listening socket regardless of the setting in xdm-config.</a> |
listening socket regardless of the setting in xdm-config.</a> |
| <li><a href="errata35.html#cvs2"> May 20, 2004: |
<li><a href="errata35.html#cvs2"> May 20, 2004: |
| A buffer overflow in the cvs(1) server has been found, |
A buffer overflow in the cvs(1) server has been found, |
|
|
| <a name="34"></a> |
<a name="34"></a> |
| |
|
| <h3><font color="#e00000">OpenBSD 3.4 Security Advisories</font></h3> |
<h3><font color="#e00000">OpenBSD 3.4 Security Advisories</font></h3> |
| These are the OpenBSD 3.4 advisories -- all these problems are solved |
These are the OpenBSD 3.4 advisories -- all these problems are solved |
| in <a href="anoncvs.html">OpenBSD current</a>. The |
in <a href="anoncvs.html">OpenBSD current</a>. The |
| <a href="stable.html">patch branch</a> for 3.4 is no longer being maintained, |
<a href="stable.html">patch branch</a> for 3.4 is no longer being maintained, |
| you should update your machine. |
you should update your machine. |
|
|
| <a name="33"></a> |
<a name="33"></a> |
| |
|
| <h3><font color="#e00000">OpenBSD 3.3 Security Advisories</font></h3> |
<h3><font color="#e00000">OpenBSD 3.3 Security Advisories</font></h3> |
| These are the OpenBSD 3.3 advisories -- all these problems are solved |
These are the OpenBSD 3.3 advisories -- all these problems are solved |
| in <a href="anoncvs.html">OpenBSD current</a>. The |
in <a href="anoncvs.html">OpenBSD current</a>. The |
| <a href="stable.html">patch branch</a> for 3.3 is no longer being maintained, |
<a href="stable.html">patch branch</a> for 3.3 is no longer being maintained, |
| you should update your machine. |
you should update your machine. |
|
|
| Several message handling flaws in isakmpd(8) have been reported |
Several message handling flaws in isakmpd(8) have been reported |
| by Thomas Walpuski.</a> |
by Thomas Walpuski.</a> |
| <li><a href="errata33.html#ibcs2">November 17, 2003: |
<li><a href="errata33.html#ibcs2">November 17, 2003: |
| It may be possible for a local user to execute arbitrary code |
It may be possible for a local user to execute arbitrary code |
| resulting in escalation of privileges due to a stack overrun |
resulting in escalation of privileges due to a stack overrun |
| in compat_ibcs2(8).</a> |
in compat_ibcs2(8).</a> |
| <li><a href="errata33.html#asn1">October 1, 2003: |
<li><a href="errata33.html#asn1">October 1, 2003: |
| The use of certain ASN.1 encodings or malformed public keys may |
The use of certain ASN.1 encodings or malformed public keys may |
| allow an attacker to mount a denial of service attack against |
allow an attacker to mount a denial of service attack against |
| applications linked with ssl(3).</a> |
applications linked with ssl(3).</a> |
| <li><a href="errata33.html#pfnorm">September 24, 2003: |
<li><a href="errata33.html#pfnorm">September 24, 2003: |
| Access of freed memory in pf(4) could be used to |
Access of freed memory in pf(4) could be used to |
| remotely panic a machine using scrub rules.</a> |
remotely panic a machine using scrub rules.</a> |
| <li><a href="errata33.html#sendmail">September 17, 2003: |
<li><a href="errata33.html#sendmail">September 17, 2003: |
| A buffer overflow in the address parsing in |
A buffer overflow in the address parsing in |
|
|
| <a name="32"></a> |
<a name="32"></a> |
| |
|
| <h3><font color="#e00000">OpenBSD 3.2 Security Advisories</font></h3> |
<h3><font color="#e00000">OpenBSD 3.2 Security Advisories</font></h3> |
| These are the OpenBSD 3.2 advisories -- all these problems are solved |
These are the OpenBSD 3.2 advisories -- all these problems are solved |
| in <a href="anoncvs.html">OpenBSD current</a>. The |
in <a href="anoncvs.html">OpenBSD current</a>. The |
| <a href="stable.html">patch branch</a> for 3.2 is no longer being maintained, |
<a href="stable.html">patch branch</a> for 3.2 is no longer being maintained, |
| you should update your machine. |
you should update your machine. |
|
|
| allow an attacker to mount a denial of service attack against |
allow an attacker to mount a denial of service attack against |
| applications linked with ssl(3). This does not affect OpenSSH.</a> |
applications linked with ssl(3). This does not affect OpenSSH.</a> |
| <li><a href="errata32.html#pfnorm">September 24, 2003: |
<li><a href="errata32.html#pfnorm">September 24, 2003: |
| Access of freed memory in pf(4) could be used to |
Access of freed memory in pf(4) could be used to |
| remotely panic a machine using scrub rules.</a> |
remotely panic a machine using scrub rules.</a> |
| <li><a href="errata32.html#sendmail4">September 17, 2003: |
<li><a href="errata32.html#sendmail4">September 17, 2003: |
| A buffer overflow in the address parsing in |
A buffer overflow in the address parsing in |
|
|
| numbers as part of the file handle.</a> |
numbers as part of the file handle.</a> |
| <li><a href="errata32.html#ssl">February 22, 2003: |
<li><a href="errata32.html#ssl">February 22, 2003: |
| In ssl(8) an information leak can occur via timing by performing |
In ssl(8) an information leak can occur via timing by performing |
| a MAC computation even if incorrect block cipher padding has |
a MAC computation even if incorrect block cipher padding has |
| been found, this is a countermeasure. Also, check for negative |
been found, this is a countermeasure. Also, check for negative |
| sizes, in allocation routines.</a> |
sizes, in allocation routines.</a> |
| <li><a href="errata32.html#cvs">January 20, 2003: |
<li><a href="errata32.html#cvs">January 20, 2003: |
|
|
| <a name="31"></a> |
<a name="31"></a> |
| |
|
| <h3><font color="#e00000">OpenBSD 3.1 Security Advisories</font></h3> |
<h3><font color="#e00000">OpenBSD 3.1 Security Advisories</font></h3> |
| These are the OpenBSD 3.1 advisories -- all these problems are solved |
These are the OpenBSD 3.1 advisories -- all these problems are solved |
| in <a href="anoncvs.html">OpenBSD current</a>. The |
in <a href="anoncvs.html">OpenBSD current</a>. The |
| <a href="stable.html">patch branch</a> for 3.1 is no longer being maintained, |
<a href="stable.html">patch branch</a> for 3.1 is no longer being maintained, |
| you should update your machine. |
you should update your machine. |
| |
|
|
|
| sendmail(8) may allow an attacker to gain root privileges.</a> |
sendmail(8) may allow an attacker to gain root privileges.</a> |
| <li><a href="errata31.html#ssl2">February 23, 2003: |
<li><a href="errata31.html#ssl2">February 23, 2003: |
| In ssl(8) an information leak can occur via timing by performing |
In ssl(8) an information leak can occur via timing by performing |
| a MAC computation even if incorrect block cipher padding has |
a MAC computation even if incorrect block cipher padding has |
| been found, this is a countermeasure. Also, check for negative |
been found, this is a countermeasure. Also, check for negative |
| sizes, in allocation routines.</a> |
sizes, in allocation routines.</a> |
| <li><a href="errata31.html#cvs">January 20, 2003: |
<li><a href="errata31.html#cvs">January 20, 2003: |
|
|
| <a name="30"></a> |
<a name="30"></a> |
| |
|
| <h3><font color="#e00000">OpenBSD 3.0 Security Advisories</font></h3> |
<h3><font color="#e00000">OpenBSD 3.0 Security Advisories</font></h3> |
| These are the OpenBSD 3.0 advisories -- all these problems are solved |
These are the OpenBSD 3.0 advisories -- all these problems are solved |
| in <a href="anoncvs.html">OpenBSD current</a>. The |
in <a href="anoncvs.html">OpenBSD current</a>. The |
| <a href="stable.html">patch branch</a> for 3.0 is no longer being maintained, |
<a href="stable.html">patch branch</a> for 3.0 is no longer being maintained, |
| you should update your machine. |
you should update your machine. |
|
|
| <a name="29"></a> |
<a name="29"></a> |
| |
|
| <h3><font color="#e00000">OpenBSD 2.9 Security Advisories</font></h3> |
<h3><font color="#e00000">OpenBSD 2.9 Security Advisories</font></h3> |
| These are the OpenBSD 2.9 advisories -- all these problems are solved |
These are the OpenBSD 2.9 advisories -- all these problems are solved |
| in <a href="anoncvs.html">OpenBSD current</a>. The |
in <a href="anoncvs.html">OpenBSD current</a>. The |
| <a href="stable.html">patch branch</a>. for 2.9 is no longer being maintained, |
<a href="stable.html">patch branch</a>. for 2.9 is no longer being maintained, |
| you should update your machine. |
you should update your machine. |
| |
|
|
|
| <a name="28"></a> |
<a name="28"></a> |
| |
|
| <h3><font color="#e00000">OpenBSD 2.8 Security Advisories</font></h3> |
<h3><font color="#e00000">OpenBSD 2.8 Security Advisories</font></h3> |
| These are the OpenBSD 2.8 advisories -- all these problems are solved |
These are the OpenBSD 2.8 advisories -- all these problems are solved |
| in <a href="anoncvs.html">OpenBSD current</a>. The |
in <a href="anoncvs.html">OpenBSD current</a>. The |
| <a href="stable.html">patch branch</a>. for 2.8 is no longer being maintained, |
<a href="stable.html">patch branch</a>. for 2.8 is no longer being maintained, |
| you should update your machine. |
you should update your machine. |
| |
|
|
|
| <a name="27"></a> |
<a name="27"></a> |
| |
|
| <h3><font color="#e00000">OpenBSD 2.7 Security Advisories</font></h3> |
<h3><font color="#e00000">OpenBSD 2.7 Security Advisories</font></h3> |
| These are the OpenBSD 2.7 advisories -- all these problems are solved |
These are the OpenBSD 2.7 advisories -- all these problems are solved |
| in <a href="anoncvs.html">OpenBSD current</a>. Obviously, all the |
in <a href="anoncvs.html">OpenBSD current</a>. Obviously, all the |
| OpenBSD 2.6 advisories listed below are fixed in OpenBSD 2.7. |
OpenBSD 2.6 advisories listed below are fixed in OpenBSD 2.7. |
| |
|
|
|
| X11 libraries have 2 potential overflows in xtrans code. |
X11 libraries have 2 potential overflows in xtrans code. |
| (patch included)</a> |
(patch included)</a> |
| <li><a href="errata27.html#httpd">Oct 18, 2000: |
<li><a href="errata27.html#httpd">Oct 18, 2000: |
| Apache mod_rewrite and mod_vhost_alias modules could expose files |
Apache mod_rewrite and mod_vhost_alias modules could expose files |
| on the server in certain configurations if used. |
on the server in certain configurations if used. |
| (patch included)</a> |
(patch included)</a> |
| <li><a href="errata27.html#telnetd">Oct 10, 2000: |
<li><a href="errata27.html#telnetd">Oct 10, 2000: |
|
|
| <li><a href="errata27.html#ipf">May 25, 2000: |
<li><a href="errata27.html#ipf">May 25, 2000: |
| Improper use of ipf <i>keep-state</i> rules can result |
Improper use of ipf <i>keep-state</i> rules can result |
| in firewall rules being bypassed. (patch included)</a> |
in firewall rules being bypassed. (patch included)</a> |
| |
|
| </ul> |
</ul> |
| |
|
| <p> |
<p> |
|
|
| <a name="26"></a> |
<a name="26"></a> |
| |
|
| <h3><font color="#e00000">OpenBSD 2.6 Security Advisories</font></h3> |
<h3><font color="#e00000">OpenBSD 2.6 Security Advisories</font></h3> |
| These are the OpenBSD 2.6 advisories -- all these problems are solved |
These are the OpenBSD 2.6 advisories -- all these problems are solved |
| in <a href="anoncvs.html">OpenBSD current</a>. Obviously, all the |
in <a href="anoncvs.html">OpenBSD current</a>. Obviously, all the |
| OpenBSD 2.5 advisories listed below are fixed in OpenBSD 2.6. |
OpenBSD 2.5 advisories listed below are fixed in OpenBSD 2.6. |
| |
|
|
|
| <li><a href="errata26.html#ipf">May 25, 2000: |
<li><a href="errata26.html#ipf">May 25, 2000: |
| Improper use of ipf <i>keep-state</i> rules can result |
Improper use of ipf <i>keep-state</i> rules can result |
| in firewall rules being bypassed. (patch included)</a> |
in firewall rules being bypassed. (patch included)</a> |
| <li><a href="errata26.html#xlockmore">May 25, 2000: |
<li><a href="errata26.html#xlockmore">May 25, 2000: |
| xlockmore has a bug which a localhost attacker can use to gain |
xlockmore has a bug which a localhost attacker can use to gain |
| access to the encrypted root password hash (which is normally |
access to the encrypted root password hash (which is normally |
| encoded using blowfish</a> (see |
encoded using blowfish</a> (see |
| <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=crypt&sektion=3"> |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=crypt&sektion=3"> |
| crypt(3)</a>) |
crypt(3)</a>) |
| (patch included). |
(patch included). |
| <li><a href="errata26.html#procfs">Jan 20, 2000: |
<li><a href="errata26.html#procfs">Jan 20, 2000: |
| Systems running with procfs enabled and mounted are |
Systems running with procfs enabled and mounted are |
| vulnerable to a very tricky exploit. procfs is not |
vulnerable to a very tricky exploit. procfs is not |
| mounted by default. |
mounted by default. |
|
|
| (patch included).<br></a> |
(patch included).<br></a> |
| <strong>Update:</strong> Turns out that this was not exploitable |
<strong>Update:</strong> Turns out that this was not exploitable |
| in any of the software included in OpenBSD 2.6. |
in any of the software included in OpenBSD 2.6. |
| <li><a href="errata26.html#ifmedia">Nov 9, 1999: |
<li><a href="errata26.html#ifmedia">Nov 9, 1999: |
| Any user could change interface media configurations, resulting in |
Any user could change interface media configurations, resulting in |
| a localhost denial of service attack. |
a localhost denial of service attack. |
| (patch included).</a> |
(patch included).</a> |
|
|
| <a name="25"></a> |
<a name="25"></a> |
| |
|
| <h3><font color="#e00000">OpenBSD 2.5 Security Advisories</font></h3> |
<h3><font color="#e00000">OpenBSD 2.5 Security Advisories</font></h3> |
| These are the OpenBSD 2.5 advisories -- all these problems are solved |
These are the OpenBSD 2.5 advisories -- all these problems are solved |
| in <a href="anoncvs.html">OpenBSD current</a>. Obviously, all the |
in <a href="anoncvs.html">OpenBSD current</a>. Obviously, all the |
| OpenBSD 2.4 advisories listed below are fixed in OpenBSD 2.5. |
OpenBSD 2.4 advisories listed below are fixed in OpenBSD 2.5. |
| |
|
| <p> |
<p> |
| <ul> |
<ul> |
| <li><a href="errata25.html#cron">Aug 30, 1999: |
<li><a href="errata25.html#cron">Aug 30, 1999: |
| In cron(8), make sure argv[] is NULL terminated in the |
In cron(8), make sure argv[] is NULL terminated in the |
| fake popen() and run sendmail as the user, not as root. |
fake popen() and run sendmail as the user, not as root. |
| (patch included).</a> |
(patch included).</a> |
|
|
| <a name="24"></a> |
<a name="24"></a> |
| |
|
| <h3><font color="#e00000">OpenBSD 2.4 Security Advisories</font></h3> |
<h3><font color="#e00000">OpenBSD 2.4 Security Advisories</font></h3> |
| These are the OpenBSD 2.4 advisories -- all these problems are solved |
These are the OpenBSD 2.4 advisories -- all these problems are solved |
| in <a href="anoncvs.html">OpenBSD current</a>. Obviously, all the |
in <a href="anoncvs.html">OpenBSD current</a>. Obviously, all the |
| OpenBSD 2.3 advisories listed below are fixed in OpenBSD 2.4. |
OpenBSD 2.3 advisories listed below are fixed in OpenBSD 2.4. |
| |
|
|
|
| <li><a href="errata24.html#ping">Feb 23, 1999: Yet another buffer overflow |
<li><a href="errata24.html#ping">Feb 23, 1999: Yet another buffer overflow |
| existed in ping(8). (patch included).</a> |
existed in ping(8). (patch included).</a> |
| <li><a href="errata24.html#ipqrace">Feb 19, 1999: ipintr() had a race in use of |
<li><a href="errata24.html#ipqrace">Feb 19, 1999: ipintr() had a race in use of |
| the ipq, which could permit an attacker to cause a crash. |
the ipq, which could permit an attacker to cause a crash. |
| (patch included).</a> |
(patch included).</a> |
| <li><a href="errata24.html#accept">Feb 17, 1999: A race condition in the |
<li><a href="errata24.html#accept">Feb 17, 1999: A race condition in the |
| kernel between accept(2) and select(2) could permit an attacker |
kernel between accept(2) and select(2) could permit an attacker |
|
|
| <a name="23"></a> |
<a name="23"></a> |
| |
|
| <h3><font color="#e00000">OpenBSD 2.3 Security Advisories</font></h3> |
<h3><font color="#e00000">OpenBSD 2.3 Security Advisories</font></h3> |
| These are the OpenBSD 2.3 advisories -- all these problems are solved |
These are the OpenBSD 2.3 advisories -- all these problems are solved |
| in <a href="anoncvs.html">OpenBSD current</a>. Obviously, all the |
in <a href="anoncvs.html">OpenBSD current</a>. Obviously, all the |
| OpenBSD 2.2 advisories listed below are fixed in OpenBSD 2.3. |
OpenBSD 2.2 advisories listed below are fixed in OpenBSD 2.3. |
| |
|
|
|
| <p> |
<p> |
| <ul> |
<ul> |
| <li><a href="advisories/res_random.txt">April 22, 1997: Predictable IDs in the |
<li><a href="advisories/res_random.txt">April 22, 1997: Predictable IDs in the |
| resolver (patch included)</a> |
resolver (patch included)</a> |
| <li>Many others... if people can hunt them down, please let me know |
<li>Many others... if people can hunt them down, please let me know |
| and we'll put them up here. |
and we'll put them up here. |
| </ul> |
</ul> |
|
|
| transition between major releases. |
transition between major releases. |
| <li>Install a binary snapshot for your |
<li>Install a binary snapshot for your |
| architecture, which are made available fairly often. For |
architecture, which are made available fairly often. For |
| instance, an i386 snapshot is typically made available weekly. |
instance, an i386 snapshot is typically made available weekly. |
| </ul> |
</ul> |
| |
|
| <p> |
<p> |
![[BACK]](/icons/back.gif){kind=icon}
Return to security.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www