Return to errata.html CVS log | Up to [local] / www |
version 1.259, 2000/07/13 18:21:56 | version 1.260, 2000/07/15 02:38:38 | ||
---|---|---|---|
|
|
||
<a name=all></a> | <a name=all></a> | ||
<li><h3><font color=#e00000>All architectures</font></h3> | <li><h3><font color=#e00000>All architectures</font></h3> | ||
<ul> | <ul> | ||
<a name=X11_libs></a> | |||
<li><font color=#009000><strong>021: SECURITY FIX: July 14, 2000</strong></font><br> | |||
Various problems in X11 libraries have various side effects. We provide a | |||
jumbo patch to fix them.<p> | |||
<ul> | |||
<li><a href="http://www.securityfocus.com/templates/archive.pike?list=1&date=2000-05-15&msg=Pine.LNX.4.21.0005181947210.17658-100000@ferret.lmh.ox.ac.uk"> | |||
Nasty X Server Dos</a><br> | |||
This is fixed by the patch to <b>xc/programs/Xsever/os/secauth.c</b>. | |||
<li><a href="http://www.securityfocus.com/templates/archive.pike?list=1&date=2000-06-15&msg=Pine.LNX.4.21.0006192251480.9945-100000@ferret.lmh.ox.ac.uk"> | |||
Various nasty libX11 holes</a><br> | |||
This is covered by the patches to xc/lib/X11. | |||
<li><a href="http://www.securityfocus.com/templates/archive.pike?list=1&date=2000-06-15&msg=Pine.LNX.4.21.0006192220220.9945-100000@ferret.lmh.ox.ac.uk"> | |||
libICE DoS</a><br> | |||
This is covered by the patches to <b>xc/lib/ICE</b>. | |||
<li><a href="http://www.securityfocus.com/templates/archive.pike?list=1&date=2000-04-15&msg=Pine.LNX.4.10.10004161835150.863-100000@localhost"> | |||
Server overflow</a><br> | |||
This is covered by the patches to <b>xc/programs/Xserver/xkb</b>. | |||
<br> | |||
Note that the default OpenBSD install is not vulnerable to this, since the | |||
the XFree86 Xwrapper already has tests for bad arguments. | |||
</ul> | |||
<br> | |||
<a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.7/common/021_X11_libs.patch> | |||
A source code patch exists which remedies these problems.</a> | |||
<p> | |||
<a name=ftpd></a> | <a name=ftpd></a> | ||
<li><font color=#009000><strong>019: SECURITY FIX: July 5, 2000</strong></font><br> | <li><font color=#009000><strong>019: SECURITY FIX: July 5, 2000</strong></font><br> | ||
Just like pretty much all the other unix ftp daemons on the planet, | Just like pretty much all the other unix ftp daemons on the planet, |