BSDSec

deadsimple BSD Security Advisories and Announcements

OpenBSD Errata: December 11th, 2019 (ldso)

11 December, 2019 by tj@openbsd.org | openbsd 

Errata patches for ld.so have been released for OpenBSD 6.5 and 6.6.

ld.so may fail to remove the LD_LIBRARY_PATH environment variable for
set-user-ID and set-group-ID executables in low memory conditions.

Binary updates for the amd64, i386, and arm64 platforms are available
via the syspatch utility. Source code patches can be found on the
respective errata page:

  https://www.openbsd.org/errata65.html
  https://www.openbsd.org/errata66.html