http://www.openbsd.org/errata41.html OpenBSD 41 Errata en-us mike@erdelynet.com http://erdelynet.com/images/puffy96x83.gif http://www.openbsd.org/errata41.html 96 83 OpenBSD 41 Errata http://www.openbsd.org/errata41.html#016_openssh2 SECURITY All architectures April 3, 2008 A source code patch exists which remedies this problem.
]]> http://www.openbsd.org/errata41.html#015_openssh SECURITY All architectures March 30, 2008 ForceCommand directive was in effect, allowing users with write access to this file to execute arbitrary commands. This behaviour was documented, but was an unsafe default and an extra hassle for administrators.
A source code patch exists which remedies this problem.
]]> http://www.openbsd.org/errata41.html#014_ppp SECURITY All architectures March 7, 2008 A source code patch exists which remedies this problem.
]]> http://www.openbsd.org/errata41.html#013_tcprespond RELIABILITY All architectures February 22, 2008 A source code patch exists which remedies this problem.
]]> http://www.openbsd.org/errata41.html#012_xorg SECURITY All architectures February 8, 2008 2nd revision, February 10, 2008
Multiple vulnerabilities have been discovered in X.Org.
XFree86 Misc extension out of bounds array index, File existence disclosure, Xinput extension memory corruption, TOG-cup extension memory corruption, MIT-SHM and EVI extensions integer overflows, PCF Font parser buffer overflow. CVE-2007-5760, CVE-2007-5958, CVE-2007-6427, CVE-2007-6428, CVE-2007-6429, CVE-2008-0006.
A source code patch exists which remedies this problem.
]]> http://www.openbsd.org/errata41.html#011_openssl SECURITY All architectures October 10, 2007 A source code patch exists which remedies this problem.
]]> http://www.openbsd.org/errata41.html#010_dhcpd SECURITY All architectures October 8, 2007 A DHCP client that claimed to require a maximum message size less than the minimum IP MTU could cause dhcpd(8) to overwrite stack memory.
A source code patch exists which remedies this problem.
]]> http://www.openbsd.org/errata41.html#009_file SECURITY All Architectures July 9, 2007 A source code patch exists which remedies this problem.
]]> http://www.openbsd.org/errata41.html#008_xorg STABILITY All Architectures May 9, 2007 A source code patch exists which remedies this problem.
]]> http://www.openbsd.org/errata41.html#007_kroute RELIABILITY All architectures April 30, 2007 A source code patch exists which remedies this problem.
]]> http://www.openbsd.org/errata41.html#006_altivec STABILITY PowerPC April 27, 2007 A source code patch exists which remedies this problem.
]]> http://www.openbsd.org/errata41.html#005_route6 SECURITY All architectures April 27, 2007 A source code patch exists which remedies this problem.
]]> http://www.openbsd.org/errata41.html#004_xorg SECURITY All architectures April 27, 2007 XC-MISC extension ProcXCMiscGetXIDList memory corruption vulnerability, BDFFont parsing integer overflow vulnerability, fonts.dir file parsing integer overflow vulnerability, multiple integer overflows in the XGetPixel() and XInitImage functions in ImUtil.c. CVE-2007-1003, CVE-2007-1351, CVE-2007-1352, CVE-2007-1667.
A source code patch exists which remedies this problem.
]]> http://www.openbsd.org/errata41.html#003_spamd RELIABILITY All architectures April 27, 2007 A source code patch exists which remedies this problem.
]]> http://www.openbsd.org/errata41.html#002_splnet STABILITY All architectures April 27, 2007 A source code patch exists which remedies this problem.
]]> http://www.openbsd.org/errata41.html#001_mbuf SECURITY All architectures April 27, 2007 Using pf(4) to avoid the problem packets is an effective workaround until the patch can be installed.
Use "block in inet6" in /etc/pf.conf
A source code patch exists which remedies this problem.
]]>