This is the OpenBSD 3.6 release errata & patch list:
For OpenBSD patch branch information, please refer here.
For important packages updates, please refer here.
For errata on a certain release, click below:
2.1,
2.2,
2.3,
2.4,
2.5,
2.6,
2.7,
2.8,
2.9,
3.0,
3.1,
3.2,
3.3,
3.4,
3.5.
You can also fetch a tar.gz file containing all the following patches.
This file is updated once a day.
The patches below are available in CVS via the
OPENBSD_3_6
patch branch.
For more detailed information on how to install patches to OpenBSD, please
consult the OpenBSD FAQ.
-
011: SECURITY FIX: February 28, 2005 i386 only
More stringent checking should be done in the
copy(9)
functions to prevent their misuse.
A source code patch exists which remedies this problem.
-
010: RELIABILITY FIX: January 11, 2005 All architectures
A bug in the
tcp(4)
stack allows an invalid argument to be used in calculating the TCP
retransmit timeout. By sending packets with specific values in the TCP
timestamp option, an attacker can cause a system panic.
A source code patch exists which remedies this problem.
-
009: SECURITY FIX: January 12, 2005 All architectures
httpd(8)
's mod_include module fails to properly validate the length of
user supplied tag strings prior to copying them to a local buffer,
causing a buffer overflow.
This would require enabling the XBitHack directive or server-side
includes and making use of a malicious document.
A source code patch exists which remedies this problem.
-
008: RELIABILITY FIX: January 6, 2005 All architectures
The
getcwd(3)
library function contains a memory management error, which causes failure
to retrieve the current working directory if the path is very long.
A source code patch exists which remedies this problem.
-
007: SECURITY FIX: December 14, 2004 All architectures
On systems running
isakmpd(8)
it is possible for a local user to cause kernel memory corruption
and system panic by setting
ipsec(4)
credentials on a socket.
A source code patch exists which remedies this problem.
-
006: RELIABILITY FIX: November 21, 2004 All architectures
Fix for transmit side breakage on macppc and mbuf leaks with
xl(4).
A source code patch exists which remedies this problem.
-
005: RELIABILITY FIX: November 21, 2004 All architectures
Wrong calculation of NAT-D payloads may cause interoperability problems between
isakmpd(8)
and other ISAKMP/IKE implementations.
A source code patch exists which remedies this problem.
-
004: RELIABILITY FIX: November 10, 2004 All architectures
Due to a bug in
lynx(1)
it is possible for pages such as
this
to cause
lynx(1)
to exhaust memory and then crash when parsing such pages.
A source code patch exists which remedies this problem.
-
003: RELIABILITY FIX: November 10, 2004 All architectures
pppd(8)
contains a bug that allows an attacker to crash his own connection, but it cannot
be used to deny service to other users.
A source code patch exists which remedies this problem.
-
002: RELIABILITY FIX: November 10, 2004 All architectures
BIND contains a bug which results in BIND trying to contact nameservers via IPv6, even in
cases where IPv6 connectivity is non-existent. This results in unneccessary timeouts and
thus slow DNS queries.
A source code patch exists which remedies this problem.
-
001: RELIABILITY FIX: November 10, 2004 All architectures
Fix detection of tape blocksize during device open. Corrects problem with
restore(8).
A source code patch exists which remedies this problem.
For OpenBSD patch branch information, please refer here.
For important packages updates, please refer here.
For errata on a certain release, click below:
2.1,
2.2,
2.3,
2.4,
2.5,
2.6,
2.7,
2.8,
2.9,
3.0,
3.1,
3.2,
3.3,
3.4,
3.5.
www@openbsd.org
$OpenBSD: errata.html,v 1.527 2005/03/08 10:09:00 tom Exp $