This is the OpenBSD 3.7 release errata & patch list:
For OpenBSD patch branch information, please refer here.
For important packages updates, please refer here.
For errata on a certain release, click below:
2.1, 2.2, 2.3, 2.4, 2.5, 2.6, 2.7, 2.8, 2.9, 3.0, 3.1, 3.2, 3.3, 3.4, 3.5, 3.6, 3.8.
You can also fetch a tar.gz file containing all the following patches.
This file is updated once a day.
The patches below are available in CVS via the OPENBSD_3_7 patch branch.
For more detailed information on how to install patches to OpenBSD, please
consult the OpenBSD FAQ.
-
008: SECURITY FIX: January 5, 2006 All architectures
Do not allow users to trick suid programs into re-opening files via /dev/fd.
A source code patch exists which remedies this problem.
-
007: SECURITY FIX: January 5, 2006 All architectures
A buffer overflow has been found in the Perl interpreter with the sprintf function which
may be exploitable under certain conditions.
A source code patch exists which remedies this problem.
-
006: RELIABILITY FIX: November 5, 2005 All architectures
Due to wrong advertisement of RFC 3947 compliance, interoperability problems with isakmpd(8) may occur.
A source code patch exists which remedies this problem.
-
005: SECURITY FIX: July 21, 2005 All architectures
A buffer overflow has been found in compress(3) which may be exploitable.
Please note that this fixes a different buffer overflow than the previous zlib patch.
A source code patch exists which remedies this problem.
-
004: SECURITY FIX: July 6, 2005 All architectures
A buffer overflow has been found in compress(3) which may be exploitable.
A source code patch exists which remedies this problem.
-
003: SECURITY FIX: June 20, 2005 All architectures
Due to a race condition in its command pathname handling, a user with sudo(8) privileges may be able to run arbitrary commands if the user's entry is followed by an entry that grants sudo ALL privileges to another user.
A source code patch exists which remedies this problem.
-
002: RELIABILITY FIX: June 15, 2005 All architectures
As discovered by Stefan Miltchev, calling getsockopt(2) to get ipsec(4) credentials for a socket can result in a kernel panic.
A source code patch exists which remedies this problem.
-
001: SECURITY FIX: June 7, 2005 All architectures
Fix a buffer overflow, memory leaks, and NULL pointer dereference in cvs(1). None of these issues are known to be exploitable. CAN-2005-0753.
A source code patch exists which remedies this problem.
www@openbsd.org
$OpenBSD: errata37.html,v 1.5 2006/01/05 05:34:08 brad Exp $