openbsd
/
www
mirror of https://github.com/openbsd/www.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
www/errata53.html

274 lines
9.1 KiB
HTML
Raw Permalink Blame History

<!doctype html>
<html lang=en id=errata>
<meta charset=utf-8>
<title>OpenBSD 5.3 Errata</title>
<meta name="description" content="the OpenBSD CD errata page">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" type="text/css" href="openbsd.css">
<link rel="canonical" href="https://www.openbsd.org/errata53.html">
<!--
IMPORTANT REMINDER
IF YOU ADD A NEW ERRATUM, MAIL THE PATCH TO TECH AND ANNOUNCE
-->
<h2 id=OpenBSD>
<a href="index.html">
<i>Open</i><b>BSD</b></a>
5.3 Errata
</h2>
<hr>
For errata on a certain release, click below:<br>
<a href="errata20.html">2.0</a>,
<a href="errata21.html">2.1</a>,
<a href="errata22.html">2.2</a>,
<a href="errata23.html">2.3</a>,
<a href="errata24.html">2.4</a>,
<a href="errata25.html">2.5</a>,
<a href="errata26.html">2.6</a>,
<a href="errata27.html">2.7</a>,
<a href="errata28.html">2.8</a>,
<a href="errata29.html">2.9</a>,
<a href="errata30.html">3.0</a>,
<a href="errata31.html">3.1</a>,
<a href="errata32.html">3.2</a>,
<a href="errata33.html">3.3</a>,
<a href="errata34.html">3.4</a>,
<a href="errata35.html">3.5</a>,
<br>
<a href="errata36.html">3.6</a>,
<a href="errata37.html">3.7</a>,
<a href="errata38.html">3.8</a>,
<a href="errata39.html">3.9</a>,
<a href="errata40.html">4.0</a>,
<a href="errata41.html">4.1</a>,
<a href="errata42.html">4.2</a>,
<a href="errata43.html">4.3</a>,
<a href="errata44.html">4.4</a>,
<a href="errata45.html">4.5</a>,
<a href="errata46.html">4.6</a>,
<a href="errata47.html">4.7</a>,
<a href="errata48.html">4.8</a>,
<a href="errata49.html">4.9</a>,
<a href="errata50.html">5.0</a>,
<a href="errata51.html">5.1</a>,
<br>
<a href="errata52.html">5.2</a>,
<a href="errata54.html">5.4</a>,
<a href="errata55.html">5.5</a>,
<a href="errata56.html">5.6</a>,
<a href="errata57.html">5.7</a>,
<a href="errata58.html">5.8</a>,
<a href="errata59.html">5.9</a>,
<a href="errata60.html">6.0</a>,
<a href="errata61.html">6.1</a>,
<a href="errata62.html">6.2</a>,
<a href="errata63.html">6.3</a>,
<a href="errata64.html">6.4</a>,
<a href="errata65.html">6.5</a>,
<a href="errata66.html">6.6</a>,
<a href="errata67.html">6.7</a>,
<a href="errata68.html">6.8</a>,
<br>
<a href="errata69.html">6.9</a>,
<a href="errata70.html">7.0</a>,
<a href="errata71.html">7.1</a>,
<a href="errata72.html">7.2</a>,
<a href="errata73.html">7.3</a>.
<hr>
<p>
Patches for the OpenBSD base system are distributed as unified diffs.
Each patch contains usage instructions.
All the following patches are also available in one
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.3.tar.gz">tar.gz file</a>
for convenience.
<p>
Patches for supported releases are also incorporated into the
<a href="stable.html">-stable branch</a>.
<hr>
<ul>
<li id="p001_bgpd">
<strong>001: RELIABILITY FIX: March 15, 2013</strong>
&nbsp; <i>All architectures</i><br>
A rare condition during session startup may cause bgpd to replace
an active session leading to unknown consequences. Bug found by
inspection (we do not know how to reproduce it, consider that a challenge).
<br>
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.3/common/001_bgpd.patch">
A source code patch exists which remedies this problem.</a>
<p>
<li id="p002_vr">
<strong>002: RELIABILITY FIX: May 5, 2013</strong>
&nbsp; <i>All architectures</i><br>
A flaw exists in the <a href="https://man.openbsd.org/OpenBSD-5.3/vr.4"
>vr(4)</a> driver that may cause it to not recover from some error conditions.
<br>
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.3/common/002_vr.patch">
A source code patch exists which remedies this problem.</a>
<p>
<li id="p003_nginx">
<strong>003: RELIABILITY FIX: May 17, 2013</strong>
&nbsp; <i>All architectures</i><br>
A problem exists in
<a href="https://man.openbsd.org/OpenBSD-5.3/nginx.8">nginx(8)</a>
if proxy_pass is used with untrusted HTTP backend servers.
The problem may lead to a denial of service or a disclosure of a
worker process memory on a specially crafted response from an
upstream proxied server.
This issue was assigned CVE-2013-2070.
<br>
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.3/common/003_nginx.patch">
A source code patch exists which remedies this problem.</a>
<p>
<li id="p004_route">
<strong>004: RELIABILITY FIX: May 17, 2013</strong>
&nbsp; <i>All architectures</i><br>
As discovered by Peter Philipp, it is possible for an unprivileged user
process to trigger deleting the undeletable RNF_ROOT route, resulting in
a kernel panic.
<br>
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.3/common/004_route.patch">
A source code patch exists which remedies this problem.</a>
<p>
<li id="p005_in6">
<strong>005: RELIABILITY FIX: May 31, 2013</strong>
&nbsp; <i>All architectures</i><br>
A local denial of service is possible by an unprivileged user if the
SIOCSIFADDR ioctl is performed upon an AF_INET6 socket with a specially
crafted parameter.
<br>
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.3/common/005_in6.patch">
A source code patch exists which remedies this problem.</a>
<p>
<li id="p006_tftpd">
<strong>006: RELIABILITY FIX: June 12, 2013</strong>
&nbsp; <i>All architectures</i><br>
A denial of services was discovered where certain combinations of
TFTP options could cause OACK generation to fail, which in turn
caused a double free in tftpd.
<br>
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.3/common/006_tftpd.patch">
A source code patch exists which remedies this problem.</a>
<p>
<li id="p007_vio">
<strong>007: RELIABILITY FIX: June 12, 2013</strong>
&nbsp; <i>All architectures</i><br>
Two flaws in the <a href="https://man.openbsd.org/OpenBSD-5.3/vio.4">vio(4)</a>
driver may cause a kernel panic, and may cause IPv6 neighbour discovery to fail
due to multicast receive problems.<br>
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.3/common/007_vio.patch">
A source code patch exists which remedies this problem.</a>
<p>
<li id="p008_pflow">
<strong>008: RELIABILITY FIX: Nov 7, 2013</strong>
&nbsp; <i>All architectures</i><br>
A crash can happen on
<a href="https://man.openbsd.org/OpenBSD-5.3/pflow.4">pflow(4)</a>
interface destruction.
<br>
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.3/common/008_pflow.patch">
A source code patch exists which remedies this problem.</a>
<p>
<li id="p009_sshgcm">
<strong>009: SECURITY FIX: Nov 7, 2013</strong>
&nbsp; <i>All architectures</i><br>
A memory corruption vulnerability exists in the post-authentication sshd process
when an AES-GCM cipher (aes128-gcm@openssh.com or aes256-gcm@openssh.com) is
selected during kex exchange.
Review the <a href="https://www.openssh.com/txt/gcmrekey.adv">gcmrekey advisory</a>
for a mitigation.
<br>
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.3/common/009_sshgcm.patch">
A source code patch exists which remedies this problem.</a>
<p>
<li id="p010_vnode">
<strong>010: RELIABILITY FIX: Nov 11, 2013</strong>
&nbsp; <i>All architectures</i><br>
An unprivileged user may hang the system.
<br>
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.3/common/010_vnode.patch">
A source code patch exists which remedies this problem.</a>
<p>
<li id="p011_nginx">
<strong>011: SECURITY FIX: Nov 21, 2013</strong>
&nbsp; <i>All architectures</i><br>
A problem exists in
<a href="https://man.openbsd.org/OpenBSD-5.3/nginx.8">nginx(8)</a>
which might allow an attacker to bypass security restrictions in certain
configurations by using a specially crafted request.
This issue was assigned CVE-2013-4547.
<br>
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.3/common/011_nginx.patch">
A source code patch exists which remedies this problem.</a>
<p>
<li id="p012_sha512">
<strong>012: RELIABILITY FIX: Dec 19, 2013</strong>
&nbsp; <i>Strict alignment architectures</i><br>
In OpenSSL, use of the SHA384 SSL/TLS ciphers may result in a crash of
the application. The i386, amd64, vax and m68k platforms aren't
affected.
<br>
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.3/common/012_sha512.patch">
A source code patch exists which remedies this problem.</a>
<p>
<li id="p013_libXfont">
<strong>013: SECURITY FIX: Jan 10, 2014</strong>
&nbsp; <i>All architectures</i><br>
A BDF font file containing a longer than expected string could overflow
a buffer on the stack in the X server.
This issue was assigned CVE-2013-6462.
<br>
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.3/common/013_libXfont.patch">
A source code patch exists which remedies this problem.</a>
<p>
<li id="p014_openssl">
<strong>014: SECURITY FIX: April 8, 2014</strong>
&nbsp; <i>All architectures</i><br>
Missing bounds checking in OpenSSL's implementation of the TLS/DTLS
heartbeat extension (RFC6520) which can result in a leak of memory contents.
<br>
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.3/common/014_openssl.patch">
A source code patch exists which remedies this problem.</a>
<p>
<li id="p015_openssl">
<strong>015: SECURITY FIX: April 12, 2014</strong>
&nbsp; <i>All architectures</i><br>
A use-after-free race condition in OpenSSL's read buffer may permit an attacker
to inject data from one connection into another.
<br>
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/5.3/common/015_openssl.patch">
A source code patch exists which remedies this problem.</a>
<p>
</ul>
<hr>
Reference in New Issue View Git Blame Copy Permalink