OpenBSD 4.0 errata

This is the OpenBSD 4.0 release errata & patch list:

For OpenBSD patch branch information, please refer here.
For important packages updates, please refer here.

For errata on a certain release, click below:
2.1, 2.2, 2.3, 2.4, 2.5, 2.6, 2.7, 2.8, 2.9, 3.0, 3.1, 3.2, 3.3, 3.4, 3.5, 3.6, 3.7, 3.8, 3.9, 4.1, 4.2.

You can also fetch a tar.gz file containing all the following patches. This file is updated once a day.

The patches below are available in CVS via the OPENBSD_4_0 patch branch.

For more detailed information on how to install patches to OpenBSD, please consult the OpenBSD FAQ.

017: Security fix: October 10, 2007   All architectures
The SSL_get_shared_ciphers() function in OpenSSL contains an off-by-one overflow.
A source code patch exists which remedies this problem.

016: Security fix: October 8, 2007   All architectures
Malicious DHCP clients could cause dhcpd(8) to corrupt its stack.
A DHCP client that claimed to require a maximum message size less than the minimum IP MTU could cause dhcpd(8) to overwrite stack memory.
A source code patch exists which remedies this problem.

015: Security fix: July 9, 2007   All architectures
Fix possible heap overflow in file(1), aka CVE-2007-1536.
A source code patch exists which remedies this problem.

014: Stability fix: May 9, 2007   All architectures
A malicious client can cause a division by zero.
A source code patch exists which remedies this problem.

013: Stability fix: April 26, 2007   PowerPC
An unhandled AltiVec assist exception can cause a kernel panic.
A source code patch exists which remedies this problem.

012: Security fix: April 23, 2007   All architectures
IPv6 type 0 route headers can be used to mount a DoS attack against hosts and networks. This is a design flaw in IPv6 and not a bug in OpenBSD.
A source code patch exists which remedies this problem.

011: Security fix: April 4, 2007   All architectures
Multiple vulnerabilities have been discovered in X.Org.
XC-MISC extension ProcXCMiscGetXIDList memory corruption vulnerability, BDFFont parsing integer overflow vulnerability, fonts.dir file parsing integer overflow vulnerability, multiple integer overflows in the XGetPixel() and XInitImage functions in ImUtil.c.
CVE-2007-1003, CVE-2007-1351, CVE-2007-1352, CVE-2007-1667.
A source code patch exists which remedies this problem.

010: Security fix: March 7, 2007   All architectures
2nd revision, March 17, 2007
Incorrect mbuf handling for ICMP6 packets.
Using pf(4) to avoid the problem packets is an effective workaround until the patch can be installed.
Use "block in inet6" in /etc/pf.conf.
A source code patch exists which remedies this problem.

009: Interoperability fix: February 4, 2007   All architectures
A US daylight saving time rules change takes effect in 2007.
A source code patch exists which syncs the timezone data files with tzdata2007a.

008: Reliability fix: January 16, 2007   All architectures
Under some circumstances, processing an ICMP6 echo request would cause the kernel to enter an infinite loop.
A source code patch exists which remedies this problem.

007: Security fix: January 3, 2007   i386 only
Insufficient validation in vga(4) may allow an attacker to gain root privileges if the kernel is compiled with option PCIAGP and the actual device is not an AGP device. The PCIAGP option is present by default on i386 kernels only.
A source code patch exists which remedies this problem.

006: FTP distribution error: December 4, 2006   All architectures
The src.tar.gz and ports.tar.gz archives released on FTP were created incorrectly, a week after the 4.0 release. The archives on the CD sets are correct; this only affects people who downloaded them from a mirror.
The archives have been corrected. The correct MD5 of ports.tar.gz is eff352b4382a7fb7ffce1e8b37e9eb56, and for src.tar.gz it is b8d7a0dc6f3d27a5377a23d69c40688e.

005: Security fix: November 19, 2006   All architectures
The ELF ld.so(1) fails to properly sanitize the environment. There is a potential localhost security problem in cases we have not found yet. This patch applies to all ELF-based systems (m68k, m88k, and vax are a.out-based systems).
A source code patch exists which remedies this problem.

004: Reliability fix: November 7, 2006   All architectures
Due to a bug in the arc(4) RAID driver the driver will not properly synchronize the cache to the logical volumes upon system shut down. The result being that the mounted file systems within the logical volumes will not be properly marked as being clean and fsck will be run for the subsequent boot up.
A source code patch exists which remedies this problem.

003: Security fix: November 4, 2006   All architectures
Fix for an integer overflow in systrace(4)'s STRIOCREPLACE support, found by Chris Evans. This could be exploited for DoS, limited kmem reads or local privilege escalation.
A source code patch exists which remedies this problem.

002: Security fix: November 4, 2006   All architectures
Several problems have been found in OpenSSL. While parsing certain invalid ASN.1 structures an error condition is mishandled, possibly resulting in an infinite loop. A buffer overflow exists in the SSL_get_shared_ciphers function. A NULL pointer may be dereferenced in the SSL version 2 client code. In addition, many applications using OpenSSL do not perform any validation of the lengths of public keys being used.
CVE-2006-2937, CVE-2006-3738, CVE-2006-4343, CVE-2006-2940
A source code patch exists which remedies this problem.

001: Security fix: November 4, 2006   All architectures
httpd(8) does not sanitize the Expect header from an HTTP request when it is reflected back in an error message, which might allow cross-site scripting (XSS) style attacks.
CVE-2006-3918
A source code patch exists which remedies this problem.

www@openbsd.org $OpenBSD: errata40.html,v 1.21 2007/10/11 15:07:22 deraadt Exp $
