===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata.html,v
retrieving revision 1.193
retrieving revision 1.194
diff -u -r1.193 -r1.194
--- www/errata.html	1999/08/13 12:31:10	1.193
+++ www/errata.html	1999/08/31 11:43:40	1.194
@@ -35,8 +35,16 @@
 <a name=all></a>
 <li><h3><font color=#e00000>All architectures</font></h3>
 <ul>
+<a name=cron></a>
+<li><font color=#009000><strong>SECURITY FIX</strong></font><br>
+In cron(8), make sure argv[] is NULL terminated in the fake popen() and
+run sendmail as the user, not as root.
+<a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.5/common/cron.patch>
+A source code patch exists which remedies this problem.</a>
+<p>
 <a name=miscfs></a>
-<li>The procfs and fdescfs filesystems had an overrun in their handling
+<li><font color=#009000><strong>SECURITY FIX</strong></font><br>
+The procfs and fdescfs filesystems had an overrun in their handling
 of uio_offset in their readdir() routines. (These filesystems are not
 enabled by default).
 <a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.5/common/miscfs.patch>
@@ -203,7 +211,7 @@
 
 <a href=index.html><img height=24 width=24 src=back.gif border=0 alt=OpenBSD></a> 
 <a href=mailto:www@openbsd.org>www@openbsd.org</a>
-<br><small>$OpenBSD: errata.html,v 1.193 1999/08/13 12:31:10 deraadt Exp $</small>
+<br><small>$OpenBSD: errata.html,v 1.194 1999/08/31 11:43:40 deraadt Exp $</small>
 
 </body>
 </html>