===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata.html,v
retrieving revision 1.119
retrieving revision 1.120
diff -u -r1.119 -r1.120
--- www/errata.html 1998/05/26 15:53:49 1.119
+++ www/errata.html 1998/05/30 15:13:05 1.120
@@ -27,6 +27,22 @@
All architectures
+
+- SECURITY FIX
+Vulnerabilities have been found in the X11, Xt, Xaw and Xmu
+libraries. These affect xterm and all other setuid-root programs that
+use these libraries. The problems are associated with buffer overflows
+in code that processes user-supplied data. The Xt library problems
+include those fixed in TOG's recent public patch 3 for X11R6.3. All
+releases of XFree86 up to and including 3.3.2 patch 1 and the version
+distributed with OpenBSD are vulnerable to some or all of these
+problems.
+These problems are fixed in
+XFree86 patch 2. A
+
+source patch for these problems, specifically adapted to the
+OpenBSD 2.3 X11 tree is available now.
+
- SECURITY FIX
The kill(2) system call previously would permit a large set of signals to
@@ -225,7 +241,7 @@
www@openbsd.org
-
$OpenBSD: errata.html,v 1.119 1998/05/26 15:53:49 ryker Exp $
+
$OpenBSD: errata.html,v 1.120 1998/05/30 15:13:05 matthieu Exp $