===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata.html,v
retrieving revision 1.278
retrieving revision 1.279
diff -c -r1.278 -r1.279
*** www/errata.html 2000/10/11 02:10:22 1.278
--- www/errata.html 2000/10/18 20:39:24 1.279
***************
*** 44,49 ****
--- 44,59 ----
All architectures
+
+ - 031: SECURITY FIX: Oct 18, 2000
+ Apache has several bugs in mod_rewrite and mod_vhost_alias
+ that could cause arbirtary files accessible to the www user on the server
+ to be exposed under certain configurations when these modules are used.
+ (These modules are not active by default).
+
+
+ A source code patch exists which remedies this problem.
+
- 030: SECURITY FIX: Oct 10, 2000
The telnet daemon does not strip out the TERMINFO, TERMINFO_DIRS, TERMPATH
***************
*** 422,428 ****
www@openbsd.org
!
$OpenBSD: errata.html,v 1.278 2000/10/11 02:10:22 ericj Exp $