Monday, March 12, 2007

Errata 010

PuffyThe OpenBSD has just released patch 010 for OpenBSD 4.0.

This is a security fix and applies to all architectures.

Quote from the Errata page:
Incorrect mbuf handling for ICMP6 packets.
Using pf(4) to avoid the problem packets is an effective workaround until the patch can be installed.
Use "block in inet6" in /etc/pf.conf.


As always, I've created a binpatch for OpenBSD 4.0.

3 comments:

  1. A second version of this patch (version 2 of OBSD 4.0, errata 010) appeared a couple of hours ago on the errata page and on security-announce.

    I applied Mike Erdely's binpatch for version 1 of patch 010 (for which thanks, Mike!). Is it OK to overlay a binpatch'd 010, version 2 on top of version 1?

    thanks

    ReplyDelete
  2. David,

    I noticed. I've updated my binpatch page.

    If you applied v1 of my patch. Apply v2, reboot and feel good. It's just /bsd. If you're running a multi-processor kernel, you should: cp /bsd /bsd.sp; cp /bsd.mp /bsd.

    I've created a new errata 010 rev2 post.

    ReplyDelete
  3. Thanks, Mike. v2 patch works fine, took two minutes to do. (Old Sparc 2 clone now compiling; will take hours.)

    I appreciate your providing binpatch binaries. Thanks again.

    ReplyDelete