===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata29.html,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -r1.14 -r1.15
--- www/errata29.html 2002/03/15 16:55:06 1.14
+++ www/errata29.html 2002/04/11 18:39:22 1.15
@@ -47,6 +47,14 @@
All architectures
+
+- 023: SECURITY FIX: April 11, 2002
+mail(1)
+will process tilde escapes even in non-interactive mode.
+This can lead to a local root compromise.
+
+A source code patch exists which remedies the problem.
+
- 022: RELIABILITY FIX: March 13, 2002
Under some circumstances the zlib compression library can free dynamically
@@ -350,7 +358,7 @@
www@openbsd.org
-
$OpenBSD: errata29.html,v 1.14 2002/03/15 16:55:06 millert Exp $
+
$OpenBSD: errata29.html,v 1.15 2002/04/11 18:39:22 millert Exp $