Latest OpenBSD Patches

February 8, 2004 at 9:26 pm (BSD)

Okay, here’s the dope on the latest patches:

015: SECURITY FIX: February 5, 2004
A reference counting bug exists in the shmat(2) system call that could be
used by an attacker to write to kernel memory under certain circumstances.
A source code patch exists which remedies the problem.
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.3/common/015_sysvshm.patch

016: SECURITY FIX: February 8, 2004
An IPv6 MTU handling problem exists that could be used by an attacker to
cause a denial of service attack against hosts with reachable IPv6 TCP ports.
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.3/common/015_sysvshm.patch

Permalink Leave a Comment

OpenBSD Patching

February 8, 2004 at 2:49 am (BSD)

Applied 2 patches tonight to my old but still running flawlessly & securely,
OpenBSD 3.3 system. The patches were 015_sysvshm.patch which has 2
links below, one explaining the vulnerability & the other link to the patch.
I couldn’t find any info on the 2nd patch, 016_ip6.patch, but I’ve had such
good luck patching so far, I went ahead & applied it too, & then rebuilt my
kernel & rebooted. So far, everything’s jake.

http://www.deadly.org/article.php3?sid=20040205183342
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/010_sysvshm.patch

Permalink Leave a Comment