![[BACK]](/icons/back.gif){kind=icon}
Return to errata.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www|
Return to errata.html CVS log | Up to [local] / www |
| version 1.377, 2002/03/15 16:55:06 | version 1.378, 2002/03/19 22:06:26 | ||
|---|---|---|---|
|
|
||
| <a name=all></a> | <a name=all></a> | ||
| <li><h3><font color=#e00000>All architectures</font></h3> | <li><h3><font color=#e00000>All architectures</font></h3> | ||
| <ul> | <ul> | ||
| <a name=approval></a> | |||
| <li><font color=#009000><strong>016: SECURITY FIX: March 19, 2002</strong></font><br> | |||
| Under certain conditions, on systems using YP with netgroups in the password | |||
| database, it is possible for the | |||
| <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=rexecd&sektion=8">rexecd(8)</a> | |||
| and | |||
| <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=rshd&sektion=8">rshd(8)</a> | |||
| for the rexecd and rshd daemons to execute the shell from a different user's | |||
| password entry. Due to a similar problem, | |||
| <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=atrun&sektion=8">atrun(8)</a> | |||
| may change to the wrong home directory when running | |||
| <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=at&sektion=1">at(1)</a> | |||
| jobs.<br> | |||
| <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.0/common/016_approval.patch">A source code patch exists which remedies the problem</a>. | |||
| <p> | |||
| <a name=zlib></a> | <a name=zlib></a> | ||
| <li><font color=#009000><strong>015: RELIABILITY FIX: March 13, 2002</strong></font><br> | <li><font color=#009000><strong>015: RELIABILITY FIX: March 13, 2002</strong></font><br> | ||
| Under some circumstances the zlib compression library can free dynamically | Under some circumstances the zlib compression library can free dynamically |