===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata.html,v
retrieving revision 1.429
retrieving revision 1.430
diff -c -r1.429 -r1.430
*** www/errata.html	2003/02/23 20:21:41	1.429
--- www/errata.html	2003/02/25 01:31:30	1.430
***************
*** 53,58 ****
--- 53,63 ----
  <a name=all></a>
  <li><h3><font color=#e00000>All architectures</font></h3>
  <ul>
+ <a name=httpd></a>
+ <li><font color=#009000><strong>008: SECURITY FIX: February 25, 2003</strong></font><br>
+ <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=httpd&amp;sektion=8">httpd(8)</a> leaks file inode numbers via ETag header as well as child PIDs in multipart MIME boundary generation. This could lead, for example, to NFS exploitation because it uses inode numbers as part of the file handle.</br>
+ <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.2/common/008_httpd.patch">A source code patch exists which fixes these two issues</a>.
+ <p>
  <a name=ssl></a>
  <li><font color=#009000><strong>007: SECURITY FIX: February 22, 2003</strong></font><br>
  In 
***************
*** 205,211 ****
  <hr>
  <a href=index.html><img height=24 width=24 src=back.gif border=0 alt=OpenBSD></a> 
  <a href=mailto:www@openbsd.org>www@openbsd.org</a>
! <br><small>$OpenBSD: errata.html,v 1.429 2003/02/23 20:21:41 brad Exp $</small>
  
  </body>
  </html>
--- 210,216 ----
  <hr>
  <a href=index.html><img height=24 width=24 src=back.gif border=0 alt=OpenBSD></a> 
  <a href=mailto:www@openbsd.org>www@openbsd.org</a>
! <br><small>$OpenBSD: errata.html,v 1.430 2003/02/25 01:31:30 margarida Exp $</small>
  
  </body>
  </html>