Monday, July 9, 2007

Errata 009

PuffyThe OpenBSD team has released a patch 009 for OpenBSD 4.1 (patch 015 for OpenBSD 4.0).

This is a security fix and applies to all architectures.

Quote from the commit message:
When writing data into a buffer in the file_printf() function, the
length of the unused portion of the buffer is not correctly tracked,
resulting in a buffer overflow when processing certain files.

Binpatches exist for OpenBSD 4.1 and OpenBSD 4.0.