This is the OpenBSD 2.4 release errata & patch list:
For 2.1 errata, please refer here.
For 2.2 errata, please refer here.
For 2.3 errata, please refer here.
You can also fetch a tar.gz file containing all the following patches.
This file is updated once a day.
All architectures
- SECURITY FIX
A buffer overflow existed in ping(8), which may have a security issue.
A source code patch exists which remedies this problem.
- SECURITY FIX
A race condition in IP ipq handling could permit a remote crash.
A source code patch exists which remedies this problem.
It must be installed after the maxqueue patch.
- SECURITY FIX
A race condition existed between accept(2) and select(2) which could
permit an attacker to hang sockets from remote.
A source code patch exists which remedies this problem.
- SECURITY FIX
IP fragment assembly can bog the machine excessively and cause problems.
A source code patch exists which remedies this problem.
- FUNCTIONALITY FIX
The readv(2) and writev(2) system calls would not accept a struct iovec
with an iov_len of 0. This causes a db test in perl to fail.
A source code patch exists which remedies this problem.
- SECURITY FIX
TCP/IP RST handling was too sloppy.
A source code patch exists which remedies this problem.
- FUNCTIONALITY FIX
During bootup, kvm_mkdb may exit with the error "kvm_mkdb: cannot allocate
memory".
A source code patch exists which remedies this problem.
- FUNCTIONALITY FIX
A problem with writing to NFS version 3 mounted filesystems from Solaris 7
hosts exists. Attempts to create files will result in a error such as
"Inappropriate file type or format".
A source code patch exists which remedies this problem.
- FUNCTIONALITY FIX
A problem with NFS version 3 mounts on big endian machines (m68k, sparc
and powerpc) exists when mounting filesystems larger than 2gig. You
can see evidence of the bug by running df(1) and checking for negative
partition sizes.
A source code patch exists which remedies this problem.
- SECURITY FIX
A security problem exists in the curses and ocurses libraries that affect
setuid programs linked with -lcurses or -locurses.
A source code patch exists which remedies this problem.
Precompiled versions of libcurses and libocurses exist for the
i386
platform. Unpack it in /usr/lib.
- FUNCTIONALITY FIX
A workaround for an xterm problem that causes vi to not
restore the correct cursor position on exit.
A source code patch exists which remedies this problem.
Alternately, you can also download a pre-compiled terminfo file to be
installed as /usr/share/misc/terminfo.db. For i386,
alpha and mips, use the
little endian version. For sparc, m68k and powerpc, use the
big endian version.
- FUNCTIONALITY FIX
userdir support was accidentally left out of httpd(8).
A source code patch exists which remedies this problem.
- SECURITY FIX
A remotely exploitable problem exists in bootpd(8). bootpd is disabled
by default, but some people may actually be using it.
A source code patch exists which remedies this problem, this is the
second version of the patch.
- SECURITY FIX
A remote machine lockup problem exists in the TCP decoding code.
A source code patch exists which remedies this problem.
i386
mac68k
- No problems identified yet.
sparc
amiga
- No problems identified yet.
pmax
- No problems identified yet.
arc
- No problems identified yet.
alpha
- No problems identified yet.
hp300
- FUNCTIONALITY FIX
The Xhp as shipped does not have the execute permissions set. The fix is
'chmod 755 /usr/X11R6/bin/Xhp' if you have installed X.
mvme68k
- No problems identified yet.
powerpc
- No problems identified yet.
For 2.1 errata, please refer here.
For 2.2 errata, please refer here.
For 2.3 errata, please refer here.
www@openbsd.org
$OpenBSD: errata.html,v 1.168 1999/02/24 23:24:50 deraadt Exp $