Return to errata.html CVS log | Up to [local] / www |
version 1.451, 2003/09/17 15:40:13 | version 1.452, 2003/09/17 17:18:34 | ||
---|---|---|---|
|
|
||
A buffer overflow in the address parsing in | A buffer overflow in the address parsing in | ||
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sendmail&sektion=8">sendmail(8)</a> | <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sendmail&sektion=8">sendmail(8)</a> | ||
may allow an attacker to gain root privileges.<br> | may allow an attacker to gain root privileges.<br> | ||
<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.3/common/005_sendmail.patch">A source code patch exists which remedies the problem</a>. | <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.3/common/005_sendmail.patch">A source code patch exists which remedies the problem</a>.<br> | ||
NOTE: this is the <em>second</em> revision of the patch that fixes an additional | |||
problem. | |||
<p> | <p> | ||
<a name=sshbuffer></a> | <a name=sshbuffer></a> | ||
<li><font color="#009000"><strong>004: SECURITY FIX: September 16, 2003</strong></font><br> | <li><font color="#009000"><strong>004: SECURITY FIX: September 16, 2003</strong></font><br> |