openbsd
/
www
mirror of https://github.com/openbsd/www.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
www/errata41.html

271 lines
9.8 KiB
HTML
Raw Permalink Blame History

<!doctype html>
<html lang=en id=errata>
<meta charset=utf-8>
<title>OpenBSD 4.1 Errata</title>
<meta name="description" content="the OpenBSD CD errata page">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" type="text/css" href="openbsd.css">
<link rel="canonical" href="https://www.openbsd.org/errata41.html">
<!--
IMPORTANT REMINDER
IF YOU ADD A NEW ERRATUM, MAIL THE PATCH TO TECH AND ANNOUNCE
-->
<h2 id=OpenBSD>
<a href="index.html">
<i>Open</i><b>BSD</b></a>
4.1 Errata
</h2>
<hr>
For errata on a certain release, click below:<br>
<a href="errata20.html">2.0</a>,
<a href="errata21.html">2.1</a>,
<a href="errata22.html">2.2</a>,
<a href="errata23.html">2.3</a>,
<a href="errata24.html">2.4</a>,
<a href="errata25.html">2.5</a>,
<a href="errata26.html">2.6</a>,
<a href="errata27.html">2.7</a>,
<a href="errata28.html">2.8</a>,
<a href="errata29.html">2.9</a>,
<a href="errata30.html">3.0</a>,
<a href="errata31.html">3.1</a>,
<a href="errata32.html">3.2</a>,
<a href="errata33.html">3.3</a>,
<a href="errata34.html">3.4</a>,
<a href="errata35.html">3.5</a>,
<br>
<a href="errata36.html">3.6</a>,
<a href="errata37.html">3.7</a>,
<a href="errata38.html">3.8</a>,
<a href="errata39.html">3.9</a>,
<a href="errata40.html">4.0</a>,
<a href="errata42.html">4.2</a>,
<a href="errata43.html">4.3</a>,
<a href="errata44.html">4.4</a>,
<a href="errata45.html">4.5</a>,
<a href="errata46.html">4.6</a>,
<a href="errata47.html">4.7</a>,
<a href="errata48.html">4.8</a>,
<a href="errata49.html">4.9</a>,
<a href="errata50.html">5.0</a>,
<a href="errata51.html">5.1</a>,
<a href="errata52.html">5.2</a>,
<br>
<a href="errata53.html">5.3</a>,
<a href="errata54.html">5.4</a>,
<a href="errata55.html">5.5</a>,
<a href="errata56.html">5.6</a>,
<a href="errata57.html">5.7</a>,
<a href="errata58.html">5.8</a>,
<a href="errata59.html">5.9</a>,
<a href="errata60.html">6.0</a>,
<a href="errata61.html">6.1</a>,
<a href="errata62.html">6.2</a>,
<a href="errata63.html">6.3</a>,
<a href="errata64.html">6.4</a>,
<a href="errata65.html">6.5</a>,
<a href="errata66.html">6.6</a>,
<a href="errata67.html">6.7</a>,
<a href="errata68.html">6.8</a>,
<br>
<a href="errata69.html">6.9</a>,
<a href="errata70.html">7.0</a>,
<a href="errata71.html">7.1</a>,
<a href="errata72.html">7.2</a>,
<a href="errata73.html">7.3</a>.
<hr>
<p>
Patches for the OpenBSD base system are distributed as unified diffs.
Each patch contains usage instructions.
All the following patches are also available in one
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/4.1.tar.gz">tar.gz file</a>
for convenience.
<p>
Patches for supported releases are also incorporated into the
<a href="stable.html">-stable branch</a>.
<hr>
<ul>
<li id="p001_mbuf">
<strong>001: SECURITY FIX: April 27, 2007</strong>
&nbsp; <i>All architectures</i><br>
Incorrect mbuf handling for ICMP6 packets.<br>
Using
<a href="https://man.openbsd.org/OpenBSD-4.1/pf.4">pf(4)</a>
to avoid the problem packets is an effective workaround until the patch
can be installed.<br>
Use "block in inet6" in /etc/pf.conf
<br>
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/4.1/common/001_mbuf.patch">
A source code patch exists which remedies this problem.</a>
<p>
<li id="p002_splnet">
<strong>002: STABILITY FIX: April 27, 2007</strong>
&nbsp; <i>All architectures</i><br>
Incorrect spl level can lead to panics under heavy kqueue usage.<br>
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/4.1/common/002_splnet.patch">
A source code patch exists which remedies this problem.</a>
<p>
<li id="p003_spamd">
<strong>003: RELIABILITY FIX: April 27, 2007</strong>
&nbsp; <i>All architectures</i><br>
Bugs found in the spamd synchronization mechanism could cause corrupted
databases.<br>
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/4.1/common/003_spamd.patch">
A source code patch exists which remedies this problem.</a>
<p>
<li id="p004_xorg">
<strong>004: SECURITY FIX: April 27, 2007</strong>
&nbsp; <i>All architectures</i><br>
Multiple vulnerabilities have been discovered in X.Org.<br>
XC-MISC extension ProcXCMiscGetXIDList memory corruption vulnerability,
BDFFont parsing integer overflow vulnerability,
fonts.dir file parsing integer overflow vulnerability,
multiple integer overflows in the XGetPixel() and XInitImage functions
in ImUtil.c.
<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1003">CVE-2007-1003</a>,
<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1351">CVE-2007-1351</a>,
<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1352">CVE-2007-1352</a>,
<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1667">CVE-2007-1667</a>.
<br>
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/4.1/common/004_xorg.patch">
A source code patch exists which remedies this problem.</a>
<p>
<li id="p005_route6">
<strong>005: SECURITY FIX: April 27, 2007</strong>
&nbsp; <i>All architectures</i><br>
IPv6 type 0 route headers can be used to mount a DoS attack against
hosts and networks. This is a design flaw in IPv6 and not a bug in
OpenBSD.<br>
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/4.1/common/005_route6.patch">
A source code patch exists which remedies this problem.</a>
<p>
<li id="p006_altivec">
<strong>006: STABILITY FIX: April 27, 2007</strong>
&nbsp; <i>PowerPC</i><br>
An unhandled AltiVec assist exception can cause a kernel panic.<br>
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/4.1/macppc/006_altivec.patch">
A source code patch exists which remedies this problem.</a>
<p>
<li id="p007_kroute">
<strong>007: RELIABILITY FIX: April 30, 2007</strong>
&nbsp; <i>All architectures</i><br>
Link state is not correctly tracked in ospfd and ripd.<br>
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/4.1/common/007_kroute.patch">
A source code patch exists which remedies this problem.</a>
<p>
<li id="p008_xorg">
<strong>008: STABILITY FIX: May 9, 2007</strong>
&nbsp; <i>All Architectures</i><br>
A malicious client can cause a division by zero.<br>
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/4.1/common/008_xorg.patch">
A source code patch exists which remedies this problem.</a>
<p>
<li id="p009_file">
<strong>009: SECURITY FIX: July 9, 2007</strong>
&nbsp; <i>All Architectures</i><br>
Fix possible heap overflow in file(1), aka CVE-2007-1536.<br>
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/4.1/common/009_file.patch">
A source code patch exists which remedies this problem.</a>
<p>
<li id="p010_dhcpd">
<strong>010: SECURITY FIX: October 8, 2007</strong>
&nbsp; <i>All architectures</i><br>
Malicious DHCP clients could cause dhcpd(8) to corrupt its stack<br>
A DHCP client that claimed to require a maximum message size less than
the minimum IP MTU could cause dhcpd(8) to overwrite stack memory.
<br>
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/4.1/common/010_dhcpd.patch">
A source code patch exists which remedies this problem.</a>
<p>
<li id="p011_openssl">
<strong>011: SECURITY FIX: October 10, 2007</strong>
&nbsp; <i>All architectures</i><br>
The SSL_get_shared_ciphers() function in OpenSSL contains an off-by-one overflow.
<br>
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/4.1/common/011_openssl.patch">
A source code patch exists which remedies this problem.</a>
<p>
<li id="p012_xorg">
<strong>012: SECURITY FIX: February 8, 2008</strong>
&nbsp; <i>All architectures</i><br>
<b>2nd revision, February 10, 2008</b><br>
Multiple vulnerabilities have been discovered in X.Org.<br>
XFree86 Misc extension out of bounds array index,
File existence disclosure,
Xinput extension memory corruption,
TOG-cup extension memory corruption,
MIT-SHM and EVI extensions integer overflows,
PCF Font parser buffer overflow.
<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5760">CVE-2007-5760</a>,
<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5958">CVE-2007-5958</a>,
<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6427">CVE-2007-6427</a>,
<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6428">CVE-2007-6428</a>,
<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6429">CVE-2007-6429</a>,
<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0006">CVE-2008-0006</a>.
<br>
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/4.1/common/012_xorg.patch">
A source code patch exists which remedies this problem.</a>
<p>
<li id="p013_tcprespond">
<strong>013: RELIABILITY FIX: February 22, 2008</strong>
&nbsp; <i>All architectures</i><br>
Incorrect assumptions in tcp_respond can lead to a kernel panic.<br>
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/4.1/common/013_tcprespond.patch">
A source code patch exists which remedies this problem.</a>
<p>
<li id="p014_ppp">
<strong>014: SECURITY FIX: March 7, 2008</strong>
&nbsp; <i>All architectures</i><br>
Buffer overflow in ppp command prompt parsing.<br>
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/4.1/common/014_ppp.patch">
A source code patch exists which remedies this problem.</a>
<p>
<li id="p015_openssh">
<strong>015: SECURITY FIX: March 30, 2008</strong>
&nbsp; <i>All architectures</i><br>
sshd(8) would execute ~/.ssh/rc even when a sshd_config(5) <em>ForceCommand</em>
directive was in effect, allowing users with write access to this file to
execute arbitrary commands. This behaviour was documented, but was an unsafe
default and an extra hassle for administrators.<br>
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/4.1/common/015_openssh.patch">
A source code patch exists which remedies this problem.</a>
<p>
<li id="p016_openssh2">
<strong>016: SECURITY FIX: April 3, 2008</strong>
&nbsp; <i>All architectures</i><br>
Avoid possible hijacking of X11-forwarded connections with sshd(8)
by refusing to listen on a port unless all address families bind
successfully.<br>
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/4.1/common/016_openssh2.patch">
A source code patch exists which remedies this problem.</a>
<p>
</ul>
<hr>
Reference in New Issue View Git Blame Copy Permalink