| version 1.119, 1998/05/26 15:53:49 |
version 1.120, 1998/05/30 15:13:05 |
|
|
| <a name=all></a> |
<a name=all></a> |
| <li><h3><font color=#e00000>All architectures</font></h3> |
<li><h3><font color=#e00000>All architectures</font></h3> |
| <ul> |
<ul> |
| |
<a name=xlib></a> |
| |
<li><font color=#009000><strong>SECURITY FIX</strong></font><br> |
| |
Vulnerabilities have been found in the X11, Xt, Xaw and Xmu |
| |
libraries. These affect xterm and all other setuid-root programs that |
| |
use these libraries. The problems are associated with buffer overflows |
| |
in code that processes user-supplied data. The Xt library problems |
| |
include those fixed in TOG's recent public patch 3 for X11R6.3. All |
| |
releases of XFree86 up to and including 3.3.2 patch 1 and the version |
| |
distributed with OpenBSD are vulnerable to some or all of these |
| |
problems. |
| |
These problems are fixed in |
| |
<a href="http://www.xfree86.org/">XFree86</a> patch 2. A |
| |
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.3/common/XFree86-3.3.2.2.patch"> |
| |
source patch</a> for these problems, specifically adapted to the |
| |
OpenBSD 2.3 X11 tree is available now. |
| |
<p> |
| <a name=kill></a> |
<a name=kill></a> |
| <li><font color=#009000><strong>SECURITY FIX</strong></font><br> |
<li><font color=#009000><strong>SECURITY FIX</strong></font><br> |
| The kill(2) system call previously would permit a large set of signals to |
The kill(2) system call previously would permit a large set of signals to |
![[BACK]](/icons/back.gif){kind=icon}
Return to errata.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www