===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata.html,v
retrieving revision 1.496
retrieving revision 1.497
diff -c -r1.496 -r1.497
*** www/errata.html 2004/05/30 23:36:48 1.496
--- www/errata.html 2004/05/31 17:23:05 1.497
***************
*** 59,71 ****
009: SECURITY FIX: May 30,
2004
! A flaw in the Kerberos V kdc(8)
server could result in the administrator of a Kerberos realm having
the ability to impersonate any principal in any other realm which
has established a cross-realm trust with their realm. The flaw is due to
inadequate checking of the "transited" field in a Kerberos request. For
! more details see
Heimdal's announcement.
009: SECURITY FIX: May 30,
2004
! A flaw in the Kerberos V kdc(8)
server could result in the administrator of a Kerberos realm having
the ability to impersonate any principal in any other realm which
has established a cross-realm trust with their realm. The flaw is due to
inadequate checking of the "transited" field in a Kerberos request. For
! more details see
Heimdal's announcement.
With the introduction of IPv6 code in
xdm(1),
one test on the 'requestPort' resource was deleted by accident. This
makes xdm create the chooser socket even if xdmcp is disabled in
xdm-config, by setting requestPort to 0. See
--- 77,83 ----
2004
With the introduction of IPv6 code in
xdm(1),
one test on the 'requestPort' resource was deleted by accident. This
makes xdm create the chooser socket even if xdmcp is disabled in
xdm-config, by setting requestPort to 0. See
***************
*** 262,268 ****
www@openbsd.org
!
$OpenBSD: errata.html,v 1.496 2004/05/30 23:36:48 beck Exp $