errata28.html

<!DOCTYPE HTML PUBLIC  "-//IETF//DTD HTML Strict//EN">
<html>
<head>
<title>OpenBSD 2.8 errata</title>
<link rev=made href=mailto:www@openbsd.org>
<meta name="resource-type" content="document">
<meta name="description" content="the OpenBSD CD errata page">
<meta name="keywords" content="openbsd,cd,errata">
<meta name="distribution" content="global">
<meta name="copyright" content="This document copyright 1997-1998 by OpenBSD.">
</head>

<BODY BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#23238E">

<img alt="[OpenBSD]" height=30 width=141 SRC="images/smalltitle.gif">
<h2><font color=#0000e0>
This is the OpenBSD 2.8 release errata &amp; patch list:

</font></h2>

<hr>
<a href=stable.html>For OpenBSD patch branch information, please refer here.</a><br>
<a href=errata21.html>For 2.1 errata, please refer here</a>.<br>
<a href=errata22.html>For 2.2 errata, please refer here</a>.<br>
<a href=errata23.html>For 2.3 errata, please refer here</a>.<br>
<a href=errata24.html>For 2.4 errata, please refer here</a>.<br>
<a href=errata25.html>For 2.5 errata, please refer here</a>.<br>
<a href=errata26.html>For 2.6 errata, please refer here</a>.<br>
<a href=errata27.html>For 2.7 errata, please refer here</a>.<br>
<a href=errata28.html>For 2.8 errata, please refer here</a>.<br>
<a href=errata29.html>For 2.9 errata, please refer here</a>.<br>
<hr>

<a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.8.tar.gz>
You can also fetch a tar.gz file containing all the following patches</a>.
This file is updated once a day.

<p> The patches below are available in CVS via the
<code>OPENBSD_2_8</code> <a href="stable.html">patch branch</a>.

<p>
For more detailed information on install patches to OpenBSD, please
consult the <a href="./faq/faq10.html#10.14">OpenBSD FAQ</a>.
<hr>

<dl>
<a name=all></a>
<li><h3><font color=#e00000>All architectures</font></h3>
<ul>
<a name=ipf_frag></a>
<li><font color=#009000><strong>027: SECURITY FIX: Apr 23, 2001</strong></font><br>
IPF has a serious problem with fragment cacheing, the bug is triggered if you use the <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ipf&sektion=5">ipf(5)</a> syntax &quot;keep state&quot;.<br>
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.8/common/027_ipf-frag.patch">A source code patch exists which remedies the problem.</a><br>
<p>
<a name=glob_limit></a>
<li><font color=#009000><strong>026: SECURITY FIX: Apr 23, 2001</strong></font><br>
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=glob&sektion=3">ftpd(8)</a> has a potential DoS related to <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=glob&sektion=3">glob(3)</a>. This patch introduces a GLOB_LIMIT, eliminating the DoS. You must have <a href="#glob">025_glob.patch</a> installed before installing this patch.<br>
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.8/common/026_globlimit.patch">A source code patch exists which remedies the problem.</a><br>
<p>
<a name=glob></a>
<li><font color=#009000><strong>025: SECURITY FIX: Apr 10, 2001</strong></font><br>
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=glob&sektion=3">glob(3)</a> contains multiple buffer overflows. <br>
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.8/common/025_glob.patch">A source code patch exists which remedies the problem.</a><br>
<p>
<a name=readline></a>
<li><font color=#009000><strong>024: SECURITY FIX: Mar 18, 2001</strong></font><br>
The readline library shipped with OpenBSD allows history files creation
with a permissive
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=umask&sektion=2">umask(2)</a>.
This can lead to the leakage of sensitive information in applications
that use passwords and the like during user interaction (one such
application is mysql).<br>
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.8/common/024_readline.patch">A source code patch exists which remedies the problem.</a><br>
<p>
<a name=ipsec_ah></a>
<li><font color=#009000><strong>023: SECURITY FIX: Mar 2, 2001</strong></font><br>
Insufficient checks in the IPSEC AH IPv4 option handling code can lead to a buffer overrun leading to a remote DoS. This option is not on by default.<br>
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.8/common/023_ip_ah.patch">A source code patch exists which remedies the problem.</a><br>
<p>
<a name=sudo></a>
<li><font color=#009000><strong>021: SECURITY FIX: Feb 22, 2001</strong></font><br>
There is a non-exploitable buffer overflow in
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sudo&sektion=8">sudo</a>.
<br>
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.8/common/021_sudo.patch">A source code patch exists which remedies the problem.</a><br>
<p>
<a name=libwrap></a>
<li><font color=#009000><strong>020: IMPLEMENTATION FIX: Feb 15, 2001</strong></font><br>
Client side ident protocol was broken in libwrap, affecting anything using libwrap including <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=tcpd&sektion=8">tcpd</a>. The effect of this was that libwrap would never retrieve and log ident values from remote hosts on connections.<br>
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.8/common/020_libwrap.patch">A source code patch exists which remedies the problem.</a><br>
<p>
<a name=lepci></a>
<li><font color=#009000><strong>019: IMPLEMENTATION FIX: Jan 31, 2001</strong></font><br>
Fix memory allocation in the PCI LANCE driver, <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=le&sektion=4&arch=i386">le</a>.  A side effect of this is that OpenBSD under VMWare now works again.<br>
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.8/common/019_lepci.patch">A source code patch exists which remedies the problem.</a><br>
<p>
<a name=named></a>
<li><font color=#009000><strong>018: SECURITY FIX: Jan 29, 2001</strong></font><br>
Merge <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=named&sektion=8">named</a>
with ISC BIND 4.9.8-REL, which fixes some buffer vulnerabilities (actually it appears
that these were already impossible to exploit beforehands).<br>
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.8/common/018_named.patch">A source code patch exists which remedies the problem.</a><br>
<p>
<a name=rnd></a>
<li><font color=#009000><strong>017: SECURITY FIX: Jan 22, 2001</strong></font><br>
The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=random&sektion=4">rnd(4)</a> device does not use all of its input when data is written to it.<br>
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.8/common/017_rnd.patch">A source code patch exists which remedies the problem.</a><br>
<p>
<a name=tl></a>
<li><font color=#009000><strong>016: RELIABILITY FIX: Jan 4, 2001</strong></font><br>
Allow ThunderLAN cards to share interrupts nicely.<br>
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.8/common/016_tl.patch">A source code patch exists which remedies the problem.</a>
<p>
<a name=xlock></a>
<li><font color=#009000><strong>014: SECURITY FIX: Dec 22, 2000</strong></font><br>
Improve xlock(1)'s authentication by authenticating via a pipe in an early forked process. No known vulnerability exists, this is just a precautionary patch.<br>
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.8/common/014_xlock.patch">A source code patch exists which remedies the problem.</a>
<p>
In addition to a source code patch, new xlock binaries have been created for each architecture listed below. Place these binaries at <i>/usr/X11R6/bin/xlock</i>
 and <i>chmod 4755 /usr/X11R6/bin/xlock</i>.
<p>
<ul>
<li><a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.8/i386/xlock">Xlock - i386</a>
<li><a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.8/sparc/xlock">Xlock - sparc</a>
<li><a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.8/mac68k/xlock">Xlock - mac68k</a>
<li><a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.8/powerpc/xlock">Xlock - powerpc</a>
<li><a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.8/amiga/xlock">Xlock - amiga</a>
<li><a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.8/hp300/xlock">Xlock - hp300</a>
<li><a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.8/mvme68k/xlock">Xlock - mvme68k</a>
</ul>
<p>
<a name=procfs></a>
<li><font color=#009000><strong>013: SECURITY FIX: Dec 18, 2000</strong></font><br>
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=mount_procfs&sektion=8">Procfs</a> contained numerous overflows, which could lead an intruder to root permissions. Procfs is NOT enabled by default in OpenBSD. <br>
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.8/common/013_procfs.patch">A source code patch exists which remedies the problem.</a>
<p>
<a name=hwcrypto></a>
<li><font color=#009000><strong>011: RELIABILITY FIX: Dec 13, 2000</strong></font><br>
The crypto subsystem could incorrectly fail to run certain software ciphers,
if a hardware card existed in the machine.<br>
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.8/common/011_hwcrypto.patch">
A source code patch exists which remedies the problem.</a>
<p>
<a name=fastroute></a>
<li><font color=#009000><strong>010: RELIABILITY FIX: Dec 11, 2000</strong></font><br>
A crash could occur during fast routing, if IPSEC was enabled.<br>
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.8/common/010_fastroute.patch">
A source code patch exists which remedies the problem.</a>
<p>
<a name=kerberos2></a>
<li><font color=#009000><strong>009: SECURITY FIX: Dec 10, 2000</strong></font><br>
Another problem exists in the Kerberos libraries.<br>
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.8/common/009_kerberos2.patch">
A source code patch exists which remedies the problem.</a>
<p>
<a name=kerberos></a>
<li><font color=#009000><strong>008: SECURITY FIX: Dec 7, 2000</strong></font><br>
Two problems have recently been discovered in the KerberosIV code.<p>
1. A symlink problem was discovered in the KerberosIV password checking
routines /usr/bin/su and /usr/bin/login, which makes it possible for a
local user to overwrite any file on the local machine.<p>
2. It is possible to specify environment variables in telnet
which will be passed over the to the remote host. This makes it
possible to set environment variables on the remote side, including
ones that have special meaning on the server. It is not clear at this
time what the impact is, but we recommend everyone to upgrade their
machines immediately.<p>
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.8/common/008_kerberos.patch">
A source code patch exists which remedies the problem.</a>
<p>
<a name=ftpd></a>
<li><font color=#009000><strong>005: SECURITY FIX: Dec 4, 2000</strong></font><br>
OpenBSD 2.8's ftpd contains a one-byte overflow in the replydirname() function.<br>
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.8/common/005_ftpd.patch">
A source code patch exists which remedies the problem.</a><br>
You can view the <a href="advisories/ftpd_replydirname.txt">OpenBSD Advisory</a> here.
<p>
<a name=rijndael> </a>
<li><font color=#009000><strong>004: RELIABILITY FIX: Nov 17, 2000</strong></font><br>
First off, AES (rijndael) encryption and decryption were broken for IPSec
and swap encryption.<br>
Secondly, the AES code did not work properly on big endian machines.<br>
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.8/common/004_rijndael.patch">
A second revision source code patch exists which remedies the problem.</a>
<p>
<li><font color=#009000><strong>002: IMPLEMENTATION FIX: Nov 10, 2000</strong></font><br>
In ssh(1), skey support for SSH1 protocol was broken.  Some people might consider
that kind of important.<br>
<a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.8/common/002_sshskey.patch>
A source code patch exists which remedies this problem.</a>
</ul>
<p>
<a name=i386></a>
<li><h3><font color=#e00000>i386</font></h3>
<ul>
<a name=userldt></a>
<li><font color=#009000><strong>022: SECURITY FIX: Mar 2, 2001</strong></font><br>
The <b>USER_LDT</b> kernel option allows an attacker to gain access to privileged areas of kernel memory. This option is not on by default.
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.8/i386/022_userltd.patch">A source code patch exists which remedies the problem.</a><br>
<p>
<a name=pms></a>
<li><font color=#009000><strong>015: STABILITY FIX: Dec 22, 2000</strong></font><br>
Some machines locked up while trying to use the mouse in console mode. This patch solves that problem.<br>
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.8/i386/015_pms.patch">A source code patch exists which remedies this problem.</a>
<p>
<a name=pcibios></a>
<li><font color=#009000><strong>006: STABILITY FIX: Dec 4, 2000</strong></font><br>
On some machines, a PCIBIOS device driver interrupt allocation bug can cause a
kernel hang while probing PCI devices.  If you have this symptom, you can disable
PCIBIOS as a workaround.  To do this,
    <ul> 
    <li>Enter the User Kernel Configuration by booting with the
	option &quot;boot -c&quot;.
    <li>Once at the <i>UKC></i> prompt, enter <pre><tt>
	UKC> disable pcibios
	UKC> quit
    </tt></pre>
    <li>See <a href="./faq/faq5.html#5.6">FAQ 5.6</a> after a successful
    boot for instructions on how to re-write your kernel to disable PCIBIOS
    permanently.
    </ul> 
<p>
</ul>
<p>
<a name=mac68k></a>
<li><h3><font color=#e00000>mac68k</font></h3>
<ul>
<a name=x_mac68k></a>
<li><font color=#009000><strong>007: INSTALL PROBLEM: Dec 4, 2000</strong></font><br>
The X packages
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/2.8/mac68k/xshare28.tgz">share28.tgz</a>
and
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/2.8/mac68k/xfont28.tgz">font28.tgz</a>
were not on the CD, and only available via FTP install.  These packages can be
added post-install by using the following command:
    <tt><pre>
    # cd /; tar xvfpz xshare28.tgz
    # cd /; tar xvfpz xfont28.tgz
    </pre></tt>
</ul>
<p>
<a name=sparc></a>
<li><h3><font color=#e00000>sparc</font></h3>
<ul>
<a name=x_sparc></a>
<li><font color=#009000><strong>007: INSTALL PROBLEM: Dec 4, 2000</strong></font><br>
The X packages
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/2.8/sparc/xshare28.tgz">share28.tgz</a>
and
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/2.8/sparc/xfont28.tgz">font28.tgz</a>
were not on the CD, and only available via FTP install.  These packages can be
added post-install by using the following command:
    <tt><pre>
    # cd /; tar xvfpz xshare28.tgz
    # cd /; tar xvfpz xfont28.tgz
    </pre></tt>
<p>
<a name=qe></a>
<li><font color=#009000><strong>003: RELIABILITY FIX: Nov 17, 2000</strong></font><br>
Configuring a qec+qe causes a NMI panic.<br>
<a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.8/sparc/003_qe.patch>
A source code patch exists which remedies this problem.</a>
<p>
<a name=zsconsole> </a>
<li><font color=#009000><strong>001: RELIABILITY FIX: Nov 10, 2000</strong></font><br>
When running a sparc with a serial console, certain types of interrupts would
cause great grief.<br>
<a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.8/sparc/001_zsconsole.patch>
A source code patch exists which remedies this problem.</a>
</ul>
<p>
<a name=amiga></a>
<li><h3><font color=#e00000>amiga</font></h3>
<ul>
<a name=x_amiga></a>
<li><font color=#009000><strong>007: INSTALL PROBLEM: Dec 4, 2000</strong></font><br>
The X packages
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/2.8/amiga/xshare28.tgz">share28.tgz</a>
and
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/2.8/amiga/xfont28.tgz">font28.tgz</a>
were not on the CD, and only available via FTP install.  These packages can be
added post-install by using the following command:
    <tt><pre>
    # cd /; tar xvfpz xshare28.tgz
    # cd /; tar xvfpz xfont28.tgz
    </pre></tt>
</ul>
<p>
<a name=pmax></a>
<li><h3><font color=#e00000>pmax</font></h3>
<ul>
<li>No problems identified yet.
</ul>
<p>
<a name=hp300></a>
<li><h3><font color=#e00000>hp300</font></h3>
<ul>
<a name=x_hp300></a>
<li><font color=#009000><strong>007: INSTALL PROBLEM: Dec 4, 2000</strong></font><br>
The X packages
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/2.8/hp300/xshare28.tgz">share28.tgz</a>
and
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/2.8/hp300/xfont28.tgz">font28.tgz</a>
were not on the CD, and only available via FTP install.  These packages can be
added post-install by using the following command:
    <tt><pre>
    # cd /; tar xvfpz xshare28.tgz
    # cd /; tar xvfpz xfont28.tgz
    </pre></tt>
</ul>
<p>
<a name=mvme68k></a>
<li><h3><font color=#e00000>mvme68k</font></h3>
<ul>
<a name=x_mvme68k></a>
<li><font color=#009000><strong>007: INSTALL PROBLEM: Dec 4, 2000</strong></font><br>
The X packages
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/2.8/mvme68k/xshare28.tgz">share28.tgz</a>
and
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/2.8/mvme68k/xfont28.tgz">font28.tgz</a>
were not on the CD, and only available via FTP install.  These packages can be
added post-install by using the following command:
    <tt><pre>
    # cd /; tar xvfpz xshare28.tgz
    # cd /; tar xvfpz xfont28.tgz
    </pre></tt>
</ul>
<p>
<a name=powerpc></a>
<li><h3><font color=#e00000>powerpc</font></h3>
<ul>
<a name=imacdv></a>
<li><font color=#009000><strong>012: INSTALL PROBLEM: Dec 14, 2000</strong></font><br>
The IMac DV+ (and probably some other machines) incorrectly identify their video
hardware, but it is possible to work around the problem.<br>
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.8/powerpc/012_imacdv.patch">
A source code patch exists which remedies the problem.</a>
</ul>
<p>
<a name=vax></a>
<li><h3><font color=#e00000>vax</font></h3>
<ul>
<li>No problems identified yet.
</ul>
<p>
<a name=sun3></a>
<li><h3><font color=#e00000>sun3</font></h3>
<ul>
<a name=x_sun3></a>
<li><font color=#009000><strong>007: INSTALL PROBLEM: Dec 4, 2000</strong></font><br>
The X packages
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/2.8/sun3/xshare28.tgz">share28.tgz</a>
and
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/2.8/sun3/xfont28.tgz">font28.tgz</a>
were not on the CD, and only available via FTP install.  These packages can be
added post-install by using the following command:
    <tt><pre>
    # cd /; tar xvfpz xshare28.tgz
    # cd /; tar xvfpz xfont28.tgz
    </pre></tt>
</ul>

</dl>
<br>

<hr>
<a href=stable.html>For OpenBSD patch branch information, please refer here.</a><br>
<a href=errata21.html>For 2.1 errata, please refer here</a>.<br>
<a href=errata22.html>For 2.2 errata, please refer here</a>.<br>
<a href=errata23.html>For 2.3 errata, please refer here</a>.<br>
<a href=errata24.html>For 2.4 errata, please refer here</a>.<br>
<a href=errata25.html>For 2.5 errata, please refer here</a>.<br>
<a href=errata26.html>For 2.6 errata, please refer here</a>.<br>
<a href=errata27.html>For 2.7 errata, please refer here</a>.<br>
<a href=errata28.html>For 2.8 errata, please refer here</a>.<br>
<a href=errata29.html>For 2.9 errata, please refer here</a>.<br>
<hr>

<a href=index.html><img height=24 width=24 src=back.gif border=0 alt=OpenBSD></a> 
<a href=mailto:www@openbsd.org>www@openbsd.org</a>
<br><small>$OpenBSD: errata28.html,v 1.1 2001/04/24 06:59:16 deraadt Exp $</small>

</body>
</html>