===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata.html,v
retrieving revision 1.259
retrieving revision 1.260
diff -u -r1.259 -r1.260
--- www/errata.html 2000/07/13 18:21:56 1.259
+++ www/errata.html 2000/07/15 02:38:38 1.260
@@ -40,6 +40,31 @@
All architectures
+
+- 021: SECURITY FIX: July 14, 2000
+Various problems in X11 libraries have various side effects. We provide a
+jumbo patch to fix them.
+
+ -
+ Nasty X Server Dos
+ This is fixed by the patch to xc/programs/Xsever/os/secauth.c.
+ -
+ Various nasty libX11 holes
+ This is covered by the patches to xc/lib/X11.
+ -
+ libICE DoS
+ This is covered by the patches to xc/lib/ICE.
+ -
+ Server overflow
+ This is covered by the patches to xc/programs/Xserver/xkb.
+
+ Note that the default OpenBSD install is not vulnerable to this, since the
+ the XFree86 Xwrapper already has tests for bad arguments.
+
+
+
+A source code patch exists which remedies these problems.
+
- 019: SECURITY FIX: July 5, 2000
Just like pretty much all the other unix ftp daemons on the planet,
@@ -304,7 +329,7 @@
www@openbsd.org
-
$OpenBSD: errata.html,v 1.259 2000/07/13 18:21:56 deraadt Exp $
+
$OpenBSD: errata.html,v 1.260 2000/07/15 02:38:38 deraadt Exp $