This is the OpenBSD 2.3 release errata & patch list:
For 2.1 errata, please refer here.
For 2.2 errata, please refer here.
All architectures
- SECURITY FIX
If IPSEC communication is attempted by starting photurisd(8) (which is
disabled by default), a system crash may be evoked from remote if
an attacker uses some classes of invalid packets.
A source code patch exists which remedies this problem.
- SECURITY FIX
As stated in CERT advisory VB-98.04, there are buffer
overrun problems in xterm related to the input-Method,
preeditType, and *Keymap resources. Additional buffer overruns exist in
the Xaw library related to the inputMethod and
preeditType resources. The xterm(1) problem represents a security
vulnerability for any platform where xterm is installed setuid-root
(as is the case for all OpenBSD platforms). The Xaw problem represents
a security vulnerability for any setuid-root program that uses the Xaw
library (including xterm). Patch1 from XFree86 3.3.2 corrects
these problems.
We provide a version of this patch file specifically for the OpenBSD 2.3 tree.
Replacement tar files to be extracted in /usr/X11R6 are
also provided for
i386,
alpha,
mac68k,
mvme68k,
hp300,
sparc,
pmax,
and
arc.
i386
- CORRUPTED FILE
The CD version of the precompiled ghostscript package is corrupted and
not installable. The correct file can be retrieved by FTP from:
ftp://ftp.openbsd.org/pub/OpenBSD/2.3/packages/i386/ghostscript-5.10.tgz.
Its checksums (obtained with cksum(1), md5(1) and
sha1(1) respectively) are:
- 725752890 3639338 ghostscript-5.10.tgz
- MD5 (ghostscript-5.10.tgz) = 3144ca814ad1965d671be2b7be3d3050
- SHA1 (ghostscript-5.10.tgz) = bd9374fa547ac0078d5207463d3b0a19d80d213c
mac68k
- No problems identified yet.
sparc
amiga
- No problems identified yet.
pmax
- RELEASE WARNING
The XFree86 binary set shipped on the CD and FTP site are not the
exact final set that we shipped for the other releases. A few minor
changes, mostly in xdm(1) configuration, were made
after those binaries were made. Patches for this might come out later.
arc
- RELEASE WARNING
The XFree86 binary set shipped on the CD and FTP site are not the
exact final set that we shipped for the other releases. A few minor
changes, mostly in xdm(1) configuration, were made
after those binaries were made. Patches for this might come out later.
alpha
- No problems identified yet.
hp300
- No problems identified yet.
mvme68k
- No problems identified yet.
powerpc
- SECURITY FIX
The powerpc release shipped on the OpenBSD 2.3 CD does not contain
two late fixes applied late in the release cycle. The
rmjob and
uucpd patches should be applied to
the system if those subsystems are used.
For 2.1 errata, please refer here.
For 2.2 errata, please refer here.
www@openbsd.org
$OpenBSD: errata.html,v 1.105 1998/05/06 14:25:56 deraadt Exp $