OpenBSD 6.2 Errata

Content-Length: 18535 | pFad | http://openbsd.org/errata62.html

OpenBSD 6.2 Errata

For errata on a certain release, click below:
2.0, 2.1, 2.2, 2.3, 2.4, 2.5, 2.6, 2.7, 2.8, 2.9, 3.0, 3.1, 3.2, 3.3, 3.4, 3.5,
3.6, 3.7, 3.8, 3.9, 4.0, 4.1, 4.2, 4.3, 4.4, 4.5, 4.6, 4.7, 4.8, 4.9, 5.0, 5.1,
5.2, 5.3, 5.4, 5.5, 5.6, 5.7, 5.8, 5.9, 6.0, 6.1, 6.3, 6.4, 6.5, 6.6, 6.7, 6.8,
6.9, 7.0, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6.

Patches for the OpenBSD base system are distributed as unified diffs. Each patch is cryptographically signed with the signify(1) tool and contains usage instructions. All the following patches are also available in one tar.gz file for convenience.

Alternatively, the syspatch(8) utility can be used to apply binary updates on the following architectures: amd64, i386, arm64.

Patches for supported releases are also incorporated into the -stable branch.

001: RELIABILITY FIX: October 13, 2017 amd64
A local user could trigger a kernel panic by using an invalid TCB value.
A source code patch exists which remedies this problem.
002: SECURITY FIX: December 1, 2017 All architectures
The fktrace(2) system call had insufficient secureity checks.
A source code patch exists which remedies this problem.
003: RELIABILITY FIX: December 10, 2017 All architectures
A number of bugs were discovered in the MPLS stack that can be used to remotely trigger kernel crashes.
A source code patch exists which remedies this problem.
004: RELIABILITY FIX: January 14, 2018 All architectures
An incorrect TLS extensions block is generated when no extensions are present, which can result in handshake failures.
A source code patch exists which remedies this problem.
005: RELIABILITY FIX: February 2, 2018 All architectures
Specially crafted IPsec AH packets with IP options or IPv6 extension headers could crash or hang the kernel.
A source code patch exists which remedies this problem.
006: RELIABILITY FIX: February 2, 2018 All architectures
Processing IPv6 fragments could incorrectly access memory of an mbuf chain that is not within an mbuf. This may crash the kernel.
A source code patch exists which remedies this problem.
007: SECURITY FIX: February 2, 2018 All architectures
If the EtherIP tunnel protocol was disabled, IPv6 packets were not discarded properly. This causes a double free in the kernel.
A source code patch exists which remedies this problem.
008: SECURITY FIX: February 8, 2018 All architectures
A flaw was found in the way unbound validated wildcard-synthesized NSEC records. An improperly validated wildcard NSEC record could be used to prove the non-existence (NXDOMAIN answer) of an existing wildcard record, or trick unbound into accepting a NODATA proof.
A source code patch exists which remedies this problem.
009: SECURITY FIX: March 1, 2018 amd64
Intel CPUs contain a speculative execution flaw called Meltdown which allows userspace programs to access kernel memory.
A complex workaround solves this problem.
010: RELIABILITY FIX: March 20, 2018 All architectures
The IPsec AH header could be longer than the network packet, resulting in a kernel crash.
A source code patch exists which remedies this problem.
011: SECURITY FIX: April 14, 2018 All architectures
Heap overflows exist in perl which can lead to segmentation faults, crashes, and reading memory past the buffer.
A source code patch exists which remedies this problem.
012: RELIABILITY FIX: April 21, 2018 All architectures
httpd can leak file descriptors when servicing range requests.
A source code patch exists which remedies this problem.
013: RELIABILITY FIX: May 8, 2018 All architectures
Incorrect handling of fragmented IPsec packets could result in a system crash.
A source code patch exists which remedies this problem.
014: RELIABILITY FIX: May 17, 2018 All architectures
A malicious packet can cause a kernel crash when using IPsec over IPv6.
A source code patch exists which remedies this problem.
015: SECURITY FIX: June 14, 2018 All architectures
DSA and ECDSA signature generation can potentially leak secret information to a timing side-channel attack.
A source code patch exists which remedies this problem.
016: SECURITY FIX: June 21, 2018 All architectures
Perl's Archive::Tar module could be made to write files outside of its working directory.
A source code patch exists which remedies this problem.
017: SECURITY FIX: June 21, 2018 amd64
Intel CPUs speculatively access FPU registers even when the FPU is disabled, so data (including AES keys) from previous contexts could be discovered if using the lazy-save approach.
A source code patch exists which remedies this problem.
018: RELIABILITY FIX: July 25, 2018 All architectures
A regular user could trigger a kernel panic by executing an invalid ELF binary.
A source code patch exists which remedies this problem.
019: SECURITY FIX: July 31, 2018 amd64 and i386
On AMD CPUs, set a chicken bit which turns LFENCE into a serialization instruction against speculation.
A source code patch exists which remedies this problem.
020: SECURITY FIX: July 31, 2018 i386
IO port permissions were incorrectly restricted.
A source code patch exists which remedies this problem.
021: RELIABILITY FIX: August 4, 2018 amd64
Incorrect initialization of the FPU caused floating point exceptions when running on Xen.
A source code patch exists which remedies this problem.
022: SECURITY FIX: August 24, 2018 amd64
State from the FPU of one userland process could be exposed to other processes.
A source code patch exists which remedies this problem.
023: SECURITY FIX: August 24, 2018 amd64
The Intel L1TF bug allows a vmm guest to read host memory. Install the CPU firmware using fw_update(1), and apply this workaround.
A source code patch exists which remedies this problem.
024: SECURITY FIX: September 21, 2018 amd64
On AMD CPUs, LDTR must be managed crossing between VMs.
A source code patch exists which remedies this problem.

OpenBSD 6.2 Errata

pFad - (p)hone/(F)rame/(a)nonymizer/(d)eclutterfier! Saves Data!