===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata.html,v
retrieving revision 1.429
retrieving revision 1.430
diff -c -r1.429 -r1.430
*** www/errata.html 2003/02/23 20:21:41 1.429
--- www/errata.html 2003/02/25 01:31:30 1.430
***************
*** 53,58 ****
--- 53,63 ----
All architectures
+
+ - 008: SECURITY FIX: February 25, 2003
+ httpd(8) leaks file inode numbers via ETag header as well as child PIDs in multipart MIME boundary generation. This could lead, for example, to NFS exploitation because it uses inode numbers as part of the file handle.
+ A source code patch exists which fixes these two issues.
+
- 007: SECURITY FIX: February 22, 2003
In
***************
*** 205,211 ****
www@openbsd.org
!
$OpenBSD: errata.html,v 1.429 2003/02/23 20:21:41 brad Exp $