===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata.html,v
retrieving revision 1.275
retrieving revision 1.276
diff -u -r1.275 -r1.276
--- www/errata.html	2000/10/10 00:02:44	1.275
+++ www/errata.html	2000/10/10 18:10:46	1.276
@@ -40,6 +40,14 @@
 <a name=all></a>
 <li><h3><font color=#e00000>All architectures</font></h3>
 <ul>
+<a name=telnetd></a>
+<li><font color=#009000><strong>029: SECURITY FIX: Oct 10, 2000</strong></font><br>
+The telnet daemon does not strip out the TERMINFO, TERMINFO_DIRS, TERMPATH
+and TERMCAP (when it starts with a '/') environment variables.
+<br>
+<a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.7/common/030_telnetd.patch>
+A source code patch exists which remedies this problem.</a>
+<p>
 <a name=sendmail></a>
 <li><font color=#009000><strong>029: RELIABILITY FIX: Oct 9, 2000</strong></font><br>
 There is a non-exploitable buffer overflow in sendmail's test mode.
@@ -410,7 +418,7 @@
 
 <a href=index.html><img height=24 width=24 src=back.gif border=0 alt=OpenBSD></a> 
 <a href=mailto:www@openbsd.org>www@openbsd.org</a>
-<br><small>$OpenBSD: errata.html,v 1.275 2000/10/10 00:02:44 millert Exp $</small>
+<br><small>$OpenBSD: errata.html,v 1.276 2000/10/10 18:10:46 millert Exp $</small>
 
 </body>
 </html>