This is the OpenBSD 3.1 release errata & patch list:
For OpenBSD patch branch information, please refer here.
For important packages updates, please refer here.
For 2.1 errata, please refer here.
For 2.2 errata, please refer here.
For 2.3 errata, please refer here.
For 2.4 errata, please refer here.
For 2.5 errata, please refer here.
For 2.6 errata, please refer here.
For 2.7 errata, please refer here.
For 2.8 errata, please refer here.
For 2.9 errata, please refer here.
For 3.0 errata, please refer here.
You can also fetch a tar.gz file containing all the following patches.
This file is updated once a day.
The patches below are available in CVS via the OPENBSD_3_1 patch branch.
For more detailed information on installing patches on OpenBSD, please
consult the OpenBSD FAQ.
All architectures
- 010: RELIABILITY FIX: July 5, 2002
Receiving IKE payloads out of sequence can cause
isakmpd(8) to crash.
A source code patch exists which remedies the problem.
This is the second version of the patch.
- 009: SECURITY FIX: June 27, 2002
The kernel would let any user ktrace(2) set[ug]id processes.
A source code patch exists which remedies the problem.
- 008: SECURITY FIX: June 26, 2002
A buffer overflow can occur in the .htaccess parsing code in the mod_ssl httpd
module, leading to possible remote crash or exploit.
A source code patch exists which remedies the problem.
- 007: SECURITY FIX: June 25, 2002
A potential buffer overflow in the DNS resolver has been found.
A source code patch exists which remedies the problem.
- 006: SECURITY FIX: June 24, 2002
All versions of OpenSSH's sshd between 2.3.1 and 3.3 contain an input validation
error that can result in an integer overflow and privilege escalation.
This problem is fixed in OpenSSH
3.4, and a patch for the vulnerable releases is available as part of the
security advisory.
- 005: SECURITY FIX: June 19, 2002
A buffer overflow can occur during the interpretation of chunked
encoding in the http daemon, leading to possible remote crash or exploit.
A source code patch exists which remedies the problem.
- 004: SECURITY FIX: May 22, 2002
Under certain conditions, on systems using YP with netgroups in the
password database, it is possible that
sshd(8)
does ACL checks for the requested user name but uses the password
database entry of a different user for authentication. This means
that denied users might authenticate successfully while permitted
users could be locked out.
A source code patch exists which remedies the problem.
- 003: SECURITY FIX: May 8, 2002
A race condition exists where an attacker could fill the file descriptor
table and defeat the kernel's protection of fd slots 0, 1, and 2 for a
setuid or setgid process.
A source code patch exists which remedies the problem.
- 002: SECURITY FIX: April 25, 2002
A bug in sudo(8) may allow an attacker to corrupt the heap by specifying a custom prompt.
A source code patch exists which remedies the problem.
- 001: SECURITY FIX: April 22, 2002
A local user can gain super-user privileges due to a buffer overflow
in sshd(8)
if AFS has been configured on the system or if
KerberosTgtPassing or AFSTokenPassing has been enabled
in the sshd_config file. Ticket and token passing is not enabled
by default.
A source code patch exists which remedies the problem.
i386
- No problems identified yet.
alpha
- No problems identified yet.
mac68k
- No problems identified yet.
sparc
- No problems identified yet.
sparc64
- No problems identified yet.
amiga
- No problems identified yet.
hp300
- No problems identified yet.
mvme68k
- No problems identified yet.
macppc
- No problems identified yet.
vax
- No problems identified yet.
www@openbsd.org
$OpenBSD: errata.html,v 1.407 2002/07/10 11:22:47 ho Exp $