The patches below are available in CVS via the
OPENBSD_3_0
patch branch.
For more detailed information on install patches to OpenBSD, please consult the OpenBSD FAQ.
Effectively an upgrade of OpenSSH 3.0 to OpenSSH 3.0.2,
a source code patch exists which remedies these problems.
This is the second version of this patch.
Systems running with IP-in-IP encapulation can be made to crash by
malformed packets.
A source code patch exists which remedies the problem.
A security issue exists in the lpd daemon that may allow an attacker
to create arbitrary new files in the root directory. Only machines
with line printer access (ie: listed in either /etc/hosts.lpd or
/etc/hosts.equiv) may be used to mount an attack and the attacker
must have root access on the machine. OpenBSD does not start lpd
in the default installation.
A source code patch exists which remedies the problem.
A security issue exists in the vi.recover script that may allow an attacker
to remove arbitrary zero-length files, regardless of ownership.
A source code patch exists which remedies the problem.
pf(4)
was incapable of dealing with certain ipv6 icmp packets, resulting in a crash.
A source code patch exists which remedies the problem.
sshd(8)
is being upgraded from OpenSSH 3.0 to OpenSSH 3.0.2 to fix a few problems:
By default, OpenSSH KerberosV support only becomes active after KerberosV
has been properly configured.
UseLogin
sshd option
boot cd:,OFWBOOT /3.0/macppc/bsd.rd