This is the OpenBSD 3.8 release errata & patch list:
For OpenBSD patch branch information, please refer here.
For important packages updates, please refer here.
For errata on a certain release, click below:
2.1,
2.2,
2.3,
2.4,
2.5,
2.6,
2.7,
2.8,
2.9,
3.0,
3.1,
3.2,
3.3,
3.4,
3.5,
3.6,
3.7,
3.9,
You can also fetch a tar.gz file containing all the following patches.
This file is updated once a day.
The patches below are available in CVS via the
OPENBSD_3_8
patch branch.
For more detailed information on how to install patches to OpenBSD, please
consult the OpenBSD FAQ.
-
008: SECURITY FIX: June 15, 2006 All architectures
A potential denial of service problem has been found in sendmail. A malformed MIME
message could trigger excessive recursion which will lead to stack exhaustion.
This denial of service attack only affects delivery of mail from the queue and
delivery of a malformed message. Other incoming mail is still accepted and
delivered. However, mail messages in the queue may not be reattempted if a
malformed MIME message exists.
A source code patch exists which remedies this problem.
-
007: SECURITY FIX: May 2, 2006 All architectures
A security vulnerability has been found in the X.Org server --
CVE-2006-1526.
Clients authorized to connect to the X server are able to crash it and to execute
malicious code within the X server.
A source code patch exists which remedies this problem.
-
006: SECURITY FIX: March 25, 2006 All architectures
A race condition has been reported to exist in the handling by sendmail of
asynchronous signals. A remote attacker may be able to execute arbitrary code with the
privileges of the user running sendmail, typically root.
A source code patch exists which remedies this problem.
-
005: SECURITY FIX: February 12, 2006 All architectures
Josh Bressers has reported a weakness in OpenSSH caused due to the insecure use of the
system(3)
function in
scp(1)
when performing copy operations using filenames that are supplied by the user from the command line.
This can be exploited to execute shell commands with privileges of the user running
scp(1).
A source code patch exists which remedies this problem.
-
004: RELIABILITY FIX: January 13, 2006 i386 architecture
Constrain
i386_set_ioperm(2)
so even root is blocked from accessing the ioports
unless the machine is running at lower securelevels or with an open X11 aperture.
A source code patch exists which remedies this problem.
-
003: RELIABILITY FIX: January 13, 2006 i386 architecture
Change the implementation of i386 W^X so that the "execute line" can move around.
Before it was limited to being either at 512MB (below which all code normally
lands) or at the top of the stack. Now the line can float as
mprotect(2)
and
mmap(2)
requests need it to. This is now implemented using only GDT selectors
instead of the LDT so that it is more robust as well.
A source code patch exists which remedies this problem.
-
002: SECURITY FIX: January 5, 2006 All architectures
Do not allow users to trick suid programs into re-opening files via /dev/fd.
A source code patch exists which remedies this problem.
-
001: SECURITY FIX: January 5, 2006 All architectures
A buffer overflow has been found in the Perl interpreter with the sprintf function which
may be exploitable under certain conditions.
A source code patch exists which remedies this problem.
For OpenBSD patch branch information, please refer here.
For important packages updates, please refer here.
For errata on a certain release, click below:
2.1,
2.2,
2.3,
2.4,
2.5,
2.6,
2.7,
2.8,
2.9,
3.0,
3.1,
3.2,
3.3,
3.4,
3.5,
3.6,
3.7,
3.9.
www@openbsd.org
$OpenBSD: errata38.html,v 1.7 2006/06/16 00:15:30 brad Exp $