-
Notifications
You must be signed in to change notification settings - Fork 43
/
Copy patherrata48.html
226 lines (206 loc) · 8.01 KB
/
errata48.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
<!doctype html>
<html lang=en id=errata>
<meta charset=utf-8>
<title>OpenBSD 4.8 Errata</title>
<meta name="description" content="the OpenBSD CD errata page">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" type="text/css" href="openbsd.css">
<link rel="canonical" href="https://www.openbsd.org/errata48.html">
<!--
IMPORTANT REMINDER
IF YOU ADD A NEW ERRATUM, MAIL THE PATCH TO TECH AND ANNOUNCE
-->
<h2 id=OpenBSD>
<a href="index.html">
<i>Open</i><b>BSD</b></a>
4.8 Errata
</h2>
<hr>
For errata on a certain release, click below:<br>
<a href="errata20.html">2.0</a>,
<a href="errata21.html">2.1</a>,
<a href="errata22.html">2.2</a>,
<a href="errata23.html">2.3</a>,
<a href="errata24.html">2.4</a>,
<a href="errata25.html">2.5</a>,
<a href="errata26.html">2.6</a>,
<a href="errata27.html">2.7</a>,
<a href="errata28.html">2.8</a>,
<a href="errata29.html">2.9</a>,
<a href="errata30.html">3.0</a>,
<a href="errata31.html">3.1</a>,
<a href="errata32.html">3.2</a>,
<a href="errata33.html">3.3</a>,
<a href="errata34.html">3.4</a>,
<a href="errata35.html">3.5</a>,
<br>
<a href="errata36.html">3.6</a>,
<a href="errata37.html">3.7</a>,
<a href="errata38.html">3.8</a>,
<a href="errata39.html">3.9</a>,
<a href="errata40.html">4.0</a>,
<a href="errata41.html">4.1</a>,
<a href="errata42.html">4.2</a>,
<a href="errata43.html">4.3</a>,
<a href="errata44.html">4.4</a>,
<a href="errata45.html">4.5</a>,
<a href="errata46.html">4.6</a>,
<a href="errata47.html">4.7</a>,
<a href="errata49.html">4.9</a>,
<a href="errata50.html">5.0</a>,
<a href="errata51.html">5.1</a>,
<a href="errata52.html">5.2</a>,
<br>
<a href="errata53.html">5.3</a>,
<a href="errata54.html">5.4</a>,
<a href="errata55.html">5.5</a>,
<a href="errata56.html">5.6</a>,
<a href="errata57.html">5.7</a>,
<a href="errata58.html">5.8</a>,
<a href="errata59.html">5.9</a>,
<a href="errata60.html">6.0</a>,
<a href="errata61.html">6.1</a>,
<a href="errata62.html">6.2</a>,
<a href="errata63.html">6.3</a>,
<a href="errata64.html">6.4</a>,
<a href="errata65.html">6.5</a>,
<a href="errata66.html">6.6</a>,
<a href="errata67.html">6.7</a>,
<a href="errata68.html">6.8</a>,
<br>
<a href="errata69.html">6.9</a>,
<a href="errata70.html">7.0</a>,
<a href="errata71.html">7.1</a>,
<a href="errata72.html">7.2</a>,
<a href="errata73.html">7.3</a>,
<a href="errata74.html">7.4</a>,
<a href="errata75.html">7.5</a>,
<a href="errata76.html">7.6</a>,
<a href="errata77.html">7.7</a>.
<hr>
<p>
Patches for the OpenBSD base system are distributed as unified diffs.
Each patch contains usage instructions.
All the following patches are also available in one
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/4.8.tar.gz">tar.gz file</a>
for convenience.
<p>
Patches for supported releases are also incorporated into the
<a href="stable.html">-stable branch</a>.
<hr>
<ul>
<li id="p010_sis">
<strong>010: RELIABILITY FIX: February 16, 2011</strong>
<i>All architectures</i><br>
The <a href="https://man.openbsd.org/OpenBSD-4.8/sis.4">sis(4)</a>
driver may hand over stale ring descriptors to the hardware if the compiler decides
to re-order stores or if the hardware does store-reordering.
<br>
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/4.8/common/010_sis.patch">
A source code patch exists which remedies this problem.</a>
<p>
<li id="p009_pf">
<strong>009: SECURITY FIX: February 16, 2011</strong>
<i>Little-endian
architectures</i><br>
PF rules specifying address ranges (e.g. "10.1.1.1 - 10.1.1.5") were
not correctly handled on little-endian systems (alpha, amd64, arm, i386,
mips64el, vax). Other address types (bare addresses "10.1.1.1" and
prefixes "10.1.1.1/30") are not affected.
<br>
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/4.8/common/009_pf.patch">
A source code patch exists which remedies this problem.</a>
<p>
<li id="p008_openssl">
<strong>008: SECURITY FIX: February 11, 2011</strong>
<i>All architectures</i><br>
An incorrectly formatted ClientHello handshake message could cause
OpenSSL to parse past the end of the message. An attacker could use this flaw
to trigger an invalid memory access, causing a crash of an application linked
to OpenSSL. As well, certain applications may expose the contents of parsed
OCSP extensions, specifically the OCSP nonce extension.
<p>
Applications are only affected if they act as a server and call
SSL_CTX_set_tlsext_status_cb on the server's SSL_CTX. It is believed
that nothing in the base OS uses this. Apache httpd started using this
in v2.3.3; this is newer than the version in ports.
<br>
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/4.8/common/008_openssl.patch">
A source code patch exists which remedies this problem.</a>
<p>
<li id="p007_rtsock">
<strong>007: RELIABILITY FIX: January 13, 2011</strong>
<i>All architectures</i><br>
sp_protocol in RTM_DELETE messages could contain garbage values
leading to routing socket users that restrict the AF (such as ospfd)
not seeing any of the RTM_DELETE messages.
<br>
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/4.8/common/007_rtsock.patch">
A source code patch exists which remedies this problem.</a>
<p>
<li id="p006_cbc">
<strong>006: RELIABILITY FIX: December 17, 2010</strong>
<i>All architectures</i><br>
Bring CBC oracle attack countermeasures to hardware crypto accelerator land.
This fixes aes-ni, via xcrypt and various drivers
(<a href="https://man.openbsd.org/OpenBSD-4.8/glxsb.4">glxsb(4)</a>,
<a href="https://man.openbsd.org/OpenBSD-4.8/hifn.4">hifn(4)</a>,
<a href="https://man.openbsd.org/OpenBSD-4.8/safe.4">safe(4)</a>
and
<a href="https://man.openbsd.org/OpenBSD-4.8/ubsec.4">ubsec(4)</a>).
<br>
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/4.8/common/006_cbc.patch">
A source code patch exists which remedies this problem.</a>
<p>
<li id="p005_pf">
<strong>005: SECURITY FIX: December 17, 2010</strong>
<i>All architectures</i><br>
Insufficient initialization of the pf rule structure in the ioctl
handler may allow userland to modify kernel memory. By default root
privileges are needed to add or modify pf rules.
<br>
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/4.8/common/005_pf.patch">
A source code patch exists which remedies this problem.</a>
<p>
<li id="p004_openssl">
<strong>004: RELIABILITY FIX: November 17, 2010</strong>
<i>All architectures</i><br>
Fix a flaw in the OpenSSL TLS server extension code parsing which could lead to
a buffer overflow. This affects OpenSSL based TLS servers which are multi-threaded
and use OpenSSL's internal caching mechanism. Servers that are multi-process
and/or disable internal session caching are not affected.
<br>
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/4.8/common/004_openssl.patch">
A source code patch exists which remedies this problem.</a>
<p>
<li id="p003_vr">
<strong>003: RELIABILITY FIX: November 16, 2010</strong>
<i>All architectures</i><br>
The <a href="https://man.openbsd.org/OpenBSD-4.8/vr.4">vr(4)</a>
driver may hand over stale ring descriptors to the hardware if the compiler decides
to re-order stores or if the hardware does store-reordering.
<br>
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/4.8/common/003_vr.patch">
A source code patch exists which remedies this problem.</a>
<p>
<li id="p002_pci">
<strong>002: RELIABILITY FIX: November 16, 2010</strong>
<i>All architectures</i><br>
Certain PCI based hardware may improperly announce their Base Address
Registers as prefetchable even though they are not. This may cause
unpredictable effects due to wrongly mapped memory.
<br>
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/4.8/common/002_pci.patch">
A source code patch exists which remedies this problem.</a>
<p>
<li id="p001_bgpd">
<strong>001: RELIABILITY FIX: November 16, 2010</strong>
<i>All architectures</i><br>
Uninitialized memory may force the RDE into route-collector mode on startup and
may prevent bgpd from updating or announcing any routes.
<br>
<a href="https://ftp.openbsd.org/pub/OpenBSD/patches/4.8/common/001_bgpd.patch">
A source code patch exists which remedies this problem.</a>
<br>
</ul>
<hr>