===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata.html,v
retrieving revision 1.377
retrieving revision 1.378
diff -u -r1.377 -r1.378
--- www/errata.html 2002/03/15 16:55:06 1.377
+++ www/errata.html 2002/03/19 22:06:26 1.378
@@ -47,6 +47,21 @@
All architectures
+
+- 016: SECURITY FIX: March 19, 2002
+Under certain conditions, on systems using YP with netgroups in the password
+database, it is possible for the
+rexecd(8)
+and
+rshd(8)
+for the rexecd and rshd daemons to execute the shell from a different user's
+password entry. Due to a similar problem,
+atrun(8)
+may change to the wrong home directory when running
+at(1)
+jobs.
+A source code patch exists which remedies the problem.
+
- 015: RELIABILITY FIX: March 13, 2002
Under some circumstances the zlib compression library can free dynamically
@@ -271,7 +286,7 @@
www@openbsd.org
-
$OpenBSD: errata.html,v 1.377 2002/03/15 16:55:06 millert Exp $
+
$OpenBSD: errata.html,v 1.378 2002/03/19 22:06:26 millert Exp $