version 1.71, 1998/07/02 09:29:49 |
version 1.72, 1998/07/02 09:32:24 |
|
|
in <a href=anoncvs.html>OpenBSD current</a>. |
in <a href=anoncvs.html>OpenBSD current</a>. |
|
|
<ul> |
<ul> |
<li><a href=errata.html#fdalloc>Jul 2, 1998: setuid and setgid processes should |
<li><a href=errata.html#fdalloc>Jul 2, 1998: setuid and setgid processes |
not be executed with fd slots 0, 1, or 2 free. (patch included).</a> |
should not be executed with fd slots 0, 1, or 2 free. |
<li><a href=errata.html#xlib>May 22, 1998: Further problems with the X |
(patch included).</a> |
|
<li><a href=errata.html#xlib>June 6, 1998: Further problems with the X |
libraries (patches included).</a> |
libraries (patches included).</a> |
<li><a href=errata.html#kill>May 17, 1998: kill(2) of setuid/setgid target |
|
processes too permissive (4th revision patch included).</a> |
|
<li><a href=errata.html#pctr>June 4, 1998: on non-Intel i386 machines, any user |
<li><a href=errata.html#pctr>June 4, 1998: on non-Intel i386 machines, any user |
can use pctr(4) to crash the machine.</a> |
can use pctr(4) to crash the machine.</a> |
|
<li><a href=errata.html#kill>May 17, 1998: kill(2) of setuid/setgid target |
|
processes too permissive (4th revision patch included).</a> |
<li><a href=errata.html#immutable>May 11, 1998: mmap() permits partial bypassing |
<li><a href=errata.html#immutable>May 11, 1998: mmap() permits partial bypassing |
of immutable and append-only file flags. (patch included).</a> |
of immutable and append-only file flags. (patch included).</a> |
<li><a href=errata.html#xterm-xaw>May 1, 1998: Buffer overflow in xterm and Xaw |
<li><a href=errata.html#xterm-xaw>May 1, 1998: Buffer overflow in xterm and Xaw |
|
|
OpenBSD 2.2; they may or may not work on OpenBSD 2.1). |
OpenBSD 2.2; they may or may not work on OpenBSD 2.1). |
|
|
<ul> |
<ul> |
<li><a href=errata22.html#f00f>Dec 10, 1997: Intel P5 f00f lockup |
<li><a href=errata22.html#ipsec>May 5, 1998: Incorrect handling of IPSEC |
|
packets if IPSEC is enabled (patch included).</a> |
|
<li><a href=errata22.html#xterm-xaw>May 1, 1998: Buffer overflow in xterm |
|
and Xaw (CERT advisory VB-98.04) (patch included).</a> |
|
<li><a href=errata22.html#uucpd>Apr 22, 1998: Buffer overflow in uucpd |
(patch included).</a> |
(patch included).</a> |
<li><a href=errata22.html#ldso>Feb 9, 1998: MIPS ld.so flaw (patch included).</a> |
<li><a href=errata22.html#rmjob>Apr 22, 1998: Buffer mismanagement in lprm |
<li><a href=errata22.html#ruserok>Feb 13, 1998: Setuid coredump & Ruserok() |
(patch included).</a> |
flaw (patch included).</a> |
<li><a href=errata22.html#ping>Mar 31, 1998: Overflow in ping -R (patch included).</a> |
|
<li><a href=errata22.html#named>Mar 30, 1998: Overflow in named fake-iquery |
|
(patch included).</a> |
|
<li><a href=errata22.html#mountd>Mar 2, 1998: Accidental NFS filesystem |
|
export (patch included).</a> |
|
<li><a href=advisories/mmap>Feb 26, 1998: Read-write mmap() flaw.</a> |
|
Revision 3 of the patch is available <a href=errata22.html#mmap>here</a> |
<li><a href=advisories/sourceroute>Feb 19, 1998: Sourcerouted Packet |
<li><a href=advisories/sourceroute>Feb 19, 1998: Sourcerouted Packet |
Acceptance.</a> |
Acceptance.</a> |
A patch is available <a href=errata22.html#sourceroute>here</a>. |
A patch is available <a href=errata22.html#sourceroute>here</a>. |
<li><a href=advisories/mmap>Feb 26, 1998: Read-write mmap() flaw.</a> |
<li><a href=errata22.html#ruserok>Feb 13, 1998: Setuid coredump & Ruserok() |
Revision 3 of the patch is available <a href=errata22.html#mmap>here</a> |
flaw (patch included).</a> |
<li><a href=errata22.html#mountd>Mar 2, 1998: Accidental NFS filesystem |
<li><a href=errata22.html#ldso>Feb 9, 1998: MIPS ld.so flaw (patch included).</a> |
export (patch included).</a> |
<li><a href=errata22.html#f00f>Dec 10, 1997: Intel P5 f00f lockup |
<li><a href=errata22.html#named>Mar 30, 1998: Overflow in named fake-iquery |
|
(patch included).</a> |
(patch included).</a> |
<li><a href=errata22.html#ping>Mar 31, 1998: Overflow in ping -R (patch included).</a> |
|
<li><a href=errata22.html#uucpd>Apr 22, 1998: Buffer overflow in uucpd |
|
(patch included).</a> |
|
<li><a href=errata22.html#rmjob>Apr 22, 1998: Buffer mismanagement in lprm |
|
(patch included).</a> |
|
<li><a href=errata22.html#xterm-xaw>May 1, 1998: Buffer overflow in xterm |
|
and Xaw (CERT advisory VB-98.04) (patch included).</a> |
|
<li><a href=errata22.html#ipsec>May 5, 1998: Incorrect handling of IPSEC |
|
packets if IPSEC is enabled (patch included).</a> |
|
</ul> |
</ul> |
|
|
<a name=21></a> |
<a name=21></a> |
|
|
make it hard for us to provide patches). |
make it hard for us to provide patches). |
|
|
<ul> |
<ul> |
|
<li><a href=advisories/signals>Sep 15, 1997: Deviant Signals (patch included)</a> |
<li><a href=advisories/rfork>Aug 2, 1997: Rfork() system call flaw |
<li><a href=advisories/rfork>Aug 2, 1997: Rfork() system call flaw |
(patch included)</a> |
(patch included)</a> |
<li><a href=advisories/procfs>Jun 24, 1997: Procfs flaws (patch included)</a> |
<li><a href=advisories/procfs>Jun 24, 1997: Procfs flaws (patch included)</a> |
<li><a href=advisories/signals>Sep 15, 1997: Deviant Signals (patch included)</a> |
|
</ul> |
</ul> |
|
|
<p> |
<p> |