===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata.html,v
retrieving revision 1.139
retrieving revision 1.140
diff -u -r1.139 -r1.140
--- www/errata.html 1998/07/28 20:27:17 1.139
+++ www/errata.html 1998/08/02 03:55:20 1.140
@@ -27,6 +27,13 @@
All architectures
+
+- SECURITY FIX
+Chpass(1) has a file descriptor leak which allows an
+attacker to modify /etc/master.passwd.
+
+A source code patch exists which remedies this problem.
+
- RELIABILITY FIX
Calling readv(2) with iov_len < 0 or > INT_MAX would result in a
@@ -308,7 +315,7 @@
www@openbsd.org
-
$OpenBSD: errata.html,v 1.139 1998/07/28 20:27:17 millert Exp $
+
$OpenBSD: errata.html,v 1.140 1998/08/02 03:55:20 millert Exp $