File: [local] / www / security.html (download) (as text)
Revision 1.11, Thu Feb 19 11:45:11 1998 UTC (26 years, 3 months ago) by deraadt
Branch: MAIN
Changes since 1.10: +15 -12 lines
provide pointers to new security advisories
|
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML Strict//EN">
<html>
<head>
<title>OpenBSD</title>
<link rev=made href=mailto:www@openbsd.org>
<meta name="resource-type" content="document">
<meta name="description" content="OpenBSD advisories">
<meta name="keywords" content="openbsd,main">
<meta name="distribution" content="global">
<meta name="copyright" content="This document copyright 1997 by OpenBSD.">
</head>
<BODY BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#23238E">
<img alt="[OpenBSD]" SRC="/images/smalltitle.gif">
<p>
<h3><font color=#e00000>OpenBSD 2.1 Security Advisories</font></h3>
These are the OpenBSD 2.1 advisories. All these problems are solved
in OpenBSD 2.2. Some of these problems still exist in other
operating systems.
<ul>
<li><a href=rfork>Rfork() system call flaw (patch included)</a>
<li><a href=procfs>Procfs flaws (patch included)</a>
<li><a href=signals>Deviant Signals (patch included)</a>
</ul>
<p>
<h3><font color=#e00000>OpenBSD 2.2 Security Advisories</font></h3>
These are the OpenBSD 2.2 advisories. All these problems are
solved in OpenBSD current. Some of these problems still exist in other
operating systems. Patches are provided
<ul>
<li><a href=/errata.html#f00f>Intel P5 f00f lockup (patch included)</a>
<li><a href=/errata.html#sourceroute>
Sourcerouted Packet Acceptance (patch included)</a>
<li><a href=/errata.html#ruserok>Setuid coredump & Ruserok() flaw (patch included)</a>
<li><a href=/errata.html#mmap>Read-write mmap() flaw (patch included)</a>
</ul>
<p>
Other security advisories that have (in the past) affected OpenBSD can
be found at the <a href=http://www.secnet.com/nav1.html>Secure Networks archive</a>.
<p> If you find a new security problem, you can mail it to
<a href=mailto:deraadt@openbsd.org>deraadt@openbsd.org</a>.
<br>
If you wish to PGP encode it (but please only do so if privacy is very
urgent, since it is inconvenient) use this <a href=pgpkey>pgp key</a>.
<hr>
<font size="-1">
<em>This site Copyright © 1996, 1997 OpenBSD.</em><br>
$OpenBSD: security.html,v 1.11 1998/02/19 11:45:11 deraadt Exp $
</font>
</BODY>
</HTML>