Contributed by pitrh on from the get your fix of fixed fix-fixes dept.
Ted Unangst (tedu@) has announced the availability of patches for three separate issues.
The first errata addresses the recent DNS server issue
Three new errata to announce.
Malicious DNS servers could cause a denial of service with an endless series of delegations. This affects named (BIND) and unbound. There is a patch for unbound in 5.6. (unbound wasn't built in 5.5.) We don't have patches for BIND at this time.
Missing memory barriers (and other bugs) made virtio devices unreliable. Patches available for 5.5 and 5.6.
Lots and lots of security bugs in the X server have finally been fixed. http://www.x.org/wiki/Development/Security/Advisory-2014-12-09/ Patches are available for 5.5 and 5.6.
For 5.6: http://www.openbsd.org/errata56.html
http://ftp.openbsd.org/pub/OpenBSD/patches/5.6/common/012_unbound.patch.sig
http://ftp.openbsd.org/pub/OpenBSD/patches/5.6/common/013_virtio.patch.sig
http://ftp.openbsd.org/pub/OpenBSD/patches/5.6/common/014_xserver.patch.sig
For 5.5: http://www.openbsd.org/errata55.html
http://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/018_virtio.patch.sig
http://ftp.openbsd.org/pub/OpenBSD/patches/5.5/common/019_xserver.patch.sig
(Comments are closed)
By Anonymous Coward (85.158.44.146) on