===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata.html,v
retrieving revision 1.433
retrieving revision 1.434
diff -u -r1.433 -r1.434
--- www/errata.html 2003/03/04 13:03:43 1.433
+++ www/errata.html 2003/03/05 19:58:18 1.434
@@ -53,6 +53,18 @@
All architectures
+
+- 010: SECURITY FIX: March 5, 2003
+A fix for an
+lprm(1)
+bug made in 1996 contains an error that could lead to privilege escalation.
+For OpenBSD 3.2 the impact is limited since
+lprm(1)
+is setuid daemon, not setuid root.
+
+A
+source code patch exists which remedies the problem.
+
- 009: SECURITY FIX: March 3, 2003
A buffer overflow in the envelope comments processing in
@@ -218,7 +230,7 @@
www@openbsd.org
-
$OpenBSD: errata.html,v 1.433 2003/03/04 13:03:43 nick Exp $
+
$OpenBSD: errata.html,v 1.434 2003/03/05 19:58:18 millert Exp $