===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata.html,v
retrieving revision 1.509
retrieving revision 1.510
diff -c -r1.509 -r1.510
*** www/errata.html 2004/09/10 18:30:45 1.509
--- www/errata.html 2004/09/16 23:09:48 1.510
***************
*** 56,61 ****
--- 56,74 ----
All architectures
+ -
+ 019: SECURITY FIX: September 16, 2004
+ Chris Evans reported several flaws (stack and integer overflows) in the
+ Xpm
+ library code that parses image files
+ (CAN-2004-0687,
+ CAN-2004-0688).
+ Some of these would be exploitable when parsing malicious image files in
+ an application that handles XPM images, if they could escape ProPolice.
+
+
+ A source code patch exists which remedies this problem.
+
-
018: SECURITY FIX: September 10, 2004
httpd(8)
***************
*** 358,364 ****
www@openbsd.org
!
$OpenBSD: errata.html,v 1.509 2004/09/10 18:30:45 brad Exp $