===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata.html,v
retrieving revision 1.574
retrieving revision 1.575
diff -u -r1.574 -r1.575
--- www/errata.html 2006/11/04 03:02:28 1.574
+++ www/errata.html 2006/11/04 21:28:18 1.575
@@ -76,7 +76,7 @@
-
-003: SECURITY FIX: October 7, 2006 All architectures
+003: SECURITY FIX: November 4, 2006 All architectures
Fix for an integer overflow in
systrace(4)'s
STRIOCREPLACE support, found by
@@ -88,7 +88,7 @@
-
-002: SECURITY FIX: October 7, 2006 All architectures
+002: SECURITY FIX: November 4, 2006 All architectures
Several problems have been found in OpenSSL. While parsing certain invalid ASN.1
structures an error condition is mishandled, possibly resulting in an infinite
loop. A buffer overflow exists in the SSL_get_shared_ciphers function. A NULL
@@ -106,7 +106,7 @@
-
-001: SECURITY FIX: October 7, 2006 All architectures
+001: SECURITY FIX: November 4, 2006 All architectures
httpd(8)
does not sanitize the Expect header from an HTTP request when it is
reflected back in an error message, which might allow cross-site scripting (XSS)
@@ -150,7 +150,7 @@
www@openbsd.org
-
$OpenBSD: errata.html,v 1.574 2006/11/04 03:02:28 brad Exp $
+
$OpenBSD: errata.html,v 1.575 2006/11/04 21:28:18 deraadt Exp $