===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata.html,v
retrieving revision 1.410
retrieving revision 1.411
diff -c -r1.410 -r1.411
*** www/errata.html 2002/07/30 13:42:53 1.410
--- www/errata.html 2002/07/30 13:47:24 1.411
***************
*** 53,66 ****
--- 53,69 ----
013: SECURITY FIX: July 30, 2002
Several remote buffer overflows can occur in the SSL2 server and SSL3 client of the ssl(8) library, as in the ASN.1 parser code in the crypto(3) library, all of them being potentially remotely exploitable.
A source code patch exists which remedies the problem.
+
012: SECURITY FIX: July 29, 2002
A buffer overflow can occur in the xdr_array(3) RPC code, leading to possible remote crash.
A source code patch exists which remedies the problem.
+
011: SECURITY FIX: July 29, 2002
A race condition exists in the pppd(8) daemon which may cause it to alter the file permissions of an arbitrary file.
A source code patch exists which remedies the problem.
+
010: RELIABILITY FIX: July 5, 2002
Receiving IKE payloads out of sequence can cause
***************
*** 214,220 ****
www@openbsd.org
!
$OpenBSD: errata.html,v 1.410 2002/07/30 13:42:53 miod Exp $