===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata.html,v
retrieving revision 1.219
retrieving revision 1.220
diff -u -r1.219 -r1.220
--- www/errata.html 2000/01/09 10:25:59 1.219
+++ www/errata.html 2000/01/20 17:49:32 1.220
@@ -37,6 +37,15 @@
All architectures
+- 016: SECURITY FIX: Jan 20, 2000
+Systems running with procfs enabled and mounted are vulnerable
+to having the stderr output of setuid processes directed onto
+a pre-seeked descriptor onto the stack in their own procfs memory.
+Note that procfs is not mounted by default in OpenBSD.
+
+A source code patch exists, which remedies this problem.
+
+
- 015: Y2K FIX: Jan 9, 2000
The at(1) command was unable to parse some kinds of dates.
@@ -251,7 +260,7 @@
www@openbsd.org
-
$OpenBSD: errata.html,v 1.219 2000/01/09 10:25:59 deraadt Exp $
+
$OpenBSD: errata.html,v 1.220 2000/01/20 17:49:32 deraadt Exp $