===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata.html,v
retrieving revision 1.268
retrieving revision 1.269
diff -c -r1.268 -r1.269
*** www/errata.html 2000/09/18 17:00:13 1.268
--- www/errata.html 2000/10/03 22:44:53 1.269
***************
*** 40,45 ****
--- 40,57 ----
All architectures
+
+ - 025: SECURITY FIX: Oct 3, 2000
+ A format string vulnerability exists in the pw_error(3) function. This
+ manifests itself as a security hole in the chpass utility. As a workaround
+ which disables its functionality, do
+
+ # chmod u-s /usr/bin/chpass
+
+
+
+ A source code patch exists which remedies this problem.
+
- 024: SECURITY FIX: Sep 18, 2000
Bad ESP/AH packets could cause a crash under certain conditions.
***************
*** 49,55 ****
- 023: SECURITY FIX: Aug 16, 2000
A format string vulnerability exists in xlock. As a workaround which disables
! it's functionality, do
# chmod u-s /usr/X11R6/bin/xlock
--- 61,67 ----
- 023: SECURITY FIX: Aug 16, 2000
A format string vulnerability exists in xlock. As a workaround which disables
! its functionality, do
# chmod u-s /usr/X11R6/bin/xlock
***************
*** 369,375 ****
www@openbsd.org
!
$OpenBSD: errata.html,v 1.268 2000/09/18 17:00:13 jason Exp $