===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata.html,v
retrieving revision 1.259
retrieving revision 1.260
diff -c -r1.259 -r1.260
*** www/errata.html 2000/07/13 18:21:56 1.259
--- www/errata.html 2000/07/15 02:38:38 1.260
***************
*** 40,45 ****
--- 40,70 ----
All architectures
+
+ - 021: SECURITY FIX: July 14, 2000
+ Various problems in X11 libraries have various side effects. We provide a
+ jumbo patch to fix them.
+
+ -
+ Nasty X Server Dos
+ This is fixed by the patch to xc/programs/Xsever/os/secauth.c.
+ -
+ Various nasty libX11 holes
+ This is covered by the patches to xc/lib/X11.
+ -
+ libICE DoS
+ This is covered by the patches to xc/lib/ICE.
+ -
+ Server overflow
+ This is covered by the patches to xc/programs/Xserver/xkb.
+
+ Note that the default OpenBSD install is not vulnerable to this, since the
+ the XFree86 Xwrapper already has tests for bad arguments.
+
+
+
+ A source code patch exists which remedies these problems.
+
- 019: SECURITY FIX: July 5, 2000
Just like pretty much all the other unix ftp daemons on the planet,
***************
*** 304,310 ****
www@openbsd.org
!
$OpenBSD: errata.html,v 1.259 2000/07/13 18:21:56 deraadt Exp $