===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata.html,v
retrieving revision 1.195
retrieving revision 1.196
diff -u -r1.195 -r1.196
--- www/errata.html 1999/09/14 02:53:10 1.195
+++ www/errata.html 1999/09/14 05:44:58 1.196
@@ -36,14 +36,14 @@
All architectures
-- SECURITY FIX
+ - SECURITY FIX: Aug 30, 1999
In cron(8), make sure argv[] is NULL terminated in the fake popen() and
run sendmail as the user, not as root.
A source code patch exists which remedies this problem.
-
- SECURITY FIX
+ - SECURITY FIX: Aug 12, 1999
The procfs and fdescfs filesystems had an overrun in their handling
of uio_offset in their readdir() routines. (These filesystems are not
enabled by default).
@@ -51,13 +51,13 @@
A source code patch exists which remedies this problem.
-
- SECURITY FIX
+ - SECURITY FIX: Aug 9, 1999
Stop profiling (see profil(2)) when we execve() a new process.
A source code patch exists which remedies this problem.
-
- SECURITY FIX
+ - SECURITY FIX: Aug 6, 1999
Packets that should have been handled by IPsec may be transmitted
as cleartext. PF_KEY SA expirations may leak kernel resources.
-
- SECURITY FIX
+ - SECURITY FIX: Aug 5, 1999
In /etc/rc, use mktemp(1) for motd re-writing, and change the find(1)
to use -execdir.
A source code patch exists which remedies this problem.
-
- SECURITY FIX
+ - SECURITY FIX: Jul 30, 1999
Do not permit regular users to chflags(2) or fchflags(2) on character or
block devices which they may currently be the owner of.
A source code patch exists which remedies this problem.
-
- SECURITY FIX
+ - SECURITY FIX: Jul 27, 1999
Cause groff(1) to be invoked with the -S flag, when called by nroff(1),
to avoid various groff features which may be security issues. On the
whole, this is not really a security issue, but it was discussed on
@@ -88,14 +88,14 @@
A source code patch exists which remedies this problem.
-
- RELIABILITY FIX
+ - RELIABILITY FIX: May 19, 1999
Programs using fts(3) could dump core when given a directory structure
with a very large number of entries.
A source code patch exists which remedies this problem.
-
- RELIABILITY FIX
+ - RELIABILITY FIX: May 19, 1999
Sequence numbers could wrap with TCP_SACK and TCP_NEWRENO, resulting in
failure to retransmit correctly.
@@ -211,7 +211,7 @@
www@openbsd.org
-
$OpenBSD: errata.html,v 1.195 1999/09/14 02:53:10 deraadt Exp $
+
$OpenBSD: errata.html,v 1.196 1999/09/14 05:44:58 deraadt Exp $