| version 1.98, 1998/04/30 08:13:22 |
version 1.99, 1998/05/03 08:37:53 |
|
|
| <a name=all></a> |
<a name=all></a> |
| <li><h3><font color=#e00000>All architectures</font></h3> |
<li><h3><font color=#e00000>All architectures</font></h3> |
| <ul> |
<ul> |
| <li>No problems identified yet. |
<a name=xterm-xaw></a> |
| |
<li><font color=#009000><strong>SECURITY FIX</strong></font><br> |
| |
As stated in CERT advisory VB-98.04, there are buffer |
| |
overrun problems in <strong>xterm</strong> |
| |
related to the input-Method, preeditType, and *Keymap resources, and |
| |
buffer overruns in the <strong>Xaw</strong> |
| |
library related to the inputMethod and preeditType resources. |
| |
The xterm problem represents a security vulnerability for any platform |
| |
where xterm is installed setuid-root (as is the case for all OpenBSD |
| |
platforms). The Xaw problem represents a security vulnerability for |
| |
any setuid-root program that uses the Xaw library (including xterm). |
| |
<p> |
| |
<a href="http://www.xfree86.org/">XFree86 3.3.2</a> patch 1 corrects |
| |
these problems. |
| |
<a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.3/common/xterm-xaw.patch> |
| |
Here's a version for the OpenBSD 2.3 tree</a>. |
| <p> |
<p> |
| </ul> |
</ul> |
| <a name=i386></a> |
<a name=i386></a> |
![[BACK]](/icons/back.gif){kind=icon}
Return to errata.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www