OpenBSD Journal

IPv6 errata for 5.7/5.8, pledge errata for 5.9

Contributed by tj on from the anti-ipv6-squad dept.

Errata patches were recently issued for an IPv6 bug that affects users of both OpenBSD 5.7 and 5.8, as well as a patch for pledge in the upcoming 5.9 release.

Quoting the patch:

Insufficient checks in IPv6 socket binding and UDP IPv6 option processing allow a local user to send UDP packets with a source (IPv6 address + port) already reserved by another user.

Users that don't use IPv6 are not affected by this issue. Users who are using IPv6 should apply the patch, rebuild their kernel and reboot.

Though not officially released, unrelated an errata patch was issued for 5.9 on the same day:

Incorrect path processing in pledge_namei() could result in unexpected program termination of pledged programs.

Just as a heads up, you'll want to apply this one after installing 5.9 when it hits. Seasoned users know it's always good to check the errata page after doing an install.

Head over to the 5.7 errata or 5.8 errata pages to make sure you're all up to date.

(Comments are closed)


Latest Articles

Credits

Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]