=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/errata.html,v retrieving revision 1.399 retrieving revision 1.400 diff -c -r1.399 -r1.400 *** www/errata.html 2002/06/26 11:01:06 1.399 --- www/errata.html 2002/06/26 19:07:53 1.400 *************** *** 49,54 **** --- 49,60 ----

All architectures

008: SECURITY FIX: June 26, 2002
+ A buffer overflow can occur in the .htaccess parsing code in mod_ssl httpd + module, leading to possible remote crash. + A source code patch exists which remedies the problem. +
007: SECURITY FIX: June 25, 2002
A potential buffer overflow in the DNS resolver has been found.
*************** *** 56,68 ****
006: SECURITY FIX: June 24, 2002
! An (as yet) undisclosed bug exists in OpenSSH, which a patch is not forthcoming ! for yet -- no patch exists yet!
! However, upgrading to OpenSSH 3.3 ! with the UsePrivilegeSeparation option enabled will block this ! problem.
! All users are advised to update immediately, and keep an eye out for ! an upcoming OpenSSH 3.4 release on Monday containing a real fix.
005: SECURITY FIX: June 19, 2002
--- 62,73 ----
006: SECURITY FIX: June 24, 2002
! All versions of OpenSSH's sshd between 2.9.9 and 3.3 contain an input validation ! error that can result in an integer overflow and privilege escalation. ! This problem is fixed in OpenSSH ! 3.4, and a patch for the vulnerable releases is available as part of the ! security advisory. !
005: SECURITY FIX: June 19, 2002
*************** *** 185,191 **** www@openbsd.org !
$OpenBSD: errata.html,v 1.399 2002/06/26 11:01:06 espie Exp $ --- 190,196 ---- www@openbsd.org !
$OpenBSD: errata.html,v 1.400 2002/06/26 19:07:53 miod Exp $