Return to errata.html CVS log | Up to [local] / www |
version 1.497, 2004/05/31 17:23:05 | version 1.498, 2004/06/01 13:50:05 | ||
---|---|---|---|
|
|
||
has established a cross-realm trust with their realm. The flaw is due to | has established a cross-realm trust with their realm. The flaw is due to | ||
inadequate checking of the "transited" field in a Kerberos request. For | inadequate checking of the "transited" field in a Kerberos request. For | ||
more details see <a href="http://www.pdc.kth.se/heimdal/advisory/2004-04-01/"> | more details see <a href="http://www.pdc.kth.se/heimdal/advisory/2004-04-01/"> | ||
Heimdal's announcement</A>. | Heimdal's announcement</a>. | ||
<br> | <br> | ||
<a | <a | ||
href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/009_kerberos.patch"> | href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/009_kerberos.patch"> | ||
|
|
||
<li><a name="xdm"></a> | <li><a name="xdm"></a> | ||
<font color="#00900"><strong>008: SECURITY FIX: May 26, | <font color="#00900"><strong>008: SECURITY FIX: May 26, | ||
2004</strong></font><br> | 2004</strong></font><br> | ||
With the introduction of IPv6 code in | With the introduction of IPv6 code in | ||
<a | <a | ||
href="http://www.openbsd.org/cgi-bin/man.cgi?query=xdm&apropos=0&sektion=0&manpath=OpenBSD+Current&arch=i386&format=html">xdm(1)</a>, | href="http://www.openbsd.org/cgi-bin/man.cgi?query=xdm&apropos=0&sektion=0&manpath=OpenBSD+Current&arch=i386&format=html">xdm(1)</a>, | ||
one test on the 'requestPort' resource was deleted by accident. This | one test on the 'requestPort' resource was deleted by accident. This |