===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata.html,v
retrieving revision 1.509
retrieving revision 1.510
diff -u -r1.509 -r1.510
--- www/errata.html 2004/09/10 18:30:45 1.509
+++ www/errata.html 2004/09/16 23:09:48 1.510
@@ -56,6 +56,19 @@
All architectures
+-
+019: SECURITY FIX: September 16, 2004
+Chris Evans reported several flaws (stack and integer overflows) in the
+Xpm
+library code that parses image files
+(CAN-2004-0687,
+CAN-2004-0688).
+Some of these would be exploitable when parsing malicious image files in
+an application that handles XPM images, if they could escape ProPolice.
+
+
+A source code patch exists which remedies this problem.
+
-
018: SECURITY FIX: September 10, 2004
httpd(8)
@@ -358,7 +371,7 @@
www@openbsd.org
-
$OpenBSD: errata.html,v 1.509 2004/09/10 18:30:45 brad Exp $
+
$OpenBSD: errata.html,v 1.510 2004/09/16 23:09:48 brad Exp $