===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata.html,v
retrieving revision 1.275
retrieving revision 1.276
diff -u -r1.275 -r1.276
--- www/errata.html 2000/10/10 00:02:44 1.275
+++ www/errata.html 2000/10/10 18:10:46 1.276
@@ -40,6 +40,14 @@
All architectures
+
+- 029: SECURITY FIX: Oct 10, 2000
+The telnet daemon does not strip out the TERMINFO, TERMINFO_DIRS, TERMPATH
+and TERMCAP (when it starts with a '/') environment variables.
+
+
+A source code patch exists which remedies this problem.
+
- 029: RELIABILITY FIX: Oct 9, 2000
There is a non-exploitable buffer overflow in sendmail's test mode.
@@ -410,7 +418,7 @@
www@openbsd.org
-
$OpenBSD: errata.html,v 1.275 2000/10/10 00:02:44 millert Exp $
+
$OpenBSD: errata.html,v 1.276 2000/10/10 18:10:46 millert Exp $