===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata.html,v
retrieving revision 1.496
retrieving revision 1.497
diff -u -r1.496 -r1.497
--- www/errata.html 2004/05/30 23:36:48 1.496
+++ www/errata.html 2004/05/31 17:23:05 1.497
@@ -59,13 +59,13 @@
009: SECURITY FIX: May 30,
2004
-A flaw in the Kerberos V kdc(8)
+A flaw in the Kerberos V kdc(8)
server could result in the administrator of a Kerberos realm having
the ability to impersonate any principal in any other realm which
has established a cross-realm trust with their realm. The flaw is due to
inadequate checking of the "transited" field in a Kerberos request. For
-more details see
+more details see
Heimdal's announcement.
With the introduction of IPv6 code in
xdm(1),
+href="http://www.openbsd.org/cgi-bin/man.cgi?query=xdm&apropos=0&sektion=0&manpath=OpenBSD+Current&arch=i386&format=html">xdm(1),
one test on the 'requestPort' resource was deleted by accident. This
makes xdm create the chooser socket even if xdmcp is disabled in
xdm-config, by setting requestPort to 0. See
@@ -262,7 +262,7 @@
www@openbsd.org
-
$OpenBSD: errata.html,v 1.496 2004/05/30 23:36:48 beck Exp $
+
$OpenBSD: errata.html,v 1.497 2004/05/31 17:23:05 saad Exp $