===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata.html,v
retrieving revision 1.193
retrieving revision 1.194
diff -u -r1.193 -r1.194
--- www/errata.html 1999/08/13 12:31:10 1.193
+++ www/errata.html 1999/08/31 11:43:40 1.194
@@ -35,8 +35,16 @@
All architectures
+
+- SECURITY FIX
+In cron(8), make sure argv[] is NULL terminated in the fake popen() and
+run sendmail as the user, not as root.
+
+A source code patch exists which remedies this problem.
+
-
- The procfs and fdescfs filesystems had an overrun in their handling
+
- SECURITY FIX
+The procfs and fdescfs filesystems had an overrun in their handling
of uio_offset in their readdir() routines. (These filesystems are not
enabled by default).
@@ -203,7 +211,7 @@
www@openbsd.org
-
$OpenBSD: errata.html,v 1.193 1999/08/13 12:31:10 deraadt Exp $
+
$OpenBSD: errata.html,v 1.194 1999/08/31 11:43:40 deraadt Exp $