![[BACK]](/icons/back.gif){kind=icon}
Return to errata30.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www|
Return to errata30.html CVS log | Up to [local] / www |
| version 1.3, 2002/04/20 16:16:40 | version 1.4, 2002/04/23 20:52:52 | ||
|---|---|---|---|
|
|
||
| <a name=all></a> | <a name=all></a> | ||
| <li><h3><font color=#e00000>All architectures</font></h3> | <li><h3><font color=#e00000>All architectures</font></h3> | ||
| <ul> | <ul> | ||
| <a name=sshafs></a> | |||
| <li><font color=#009000><strong>019: SECURITY FIX: April 22, 2002</strong></font><br> | |||
| A local user can gain super-user privileges due to a buffer overflow | |||
| in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a> | |||
| if AFS has been configured on the system or if | |||
| KerberosTgtPassing or AFSTokenPassing has been enabled | |||
| in the sshd_config file. Ticket and token passing is not enabled | |||
| by default.<br> | |||
| <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.0/common/019_sshafs.patch">A source code patch exists which remedies the problem</a>. | |||
| <p> | |||
| <a name=mail></a> | <a name=mail></a> | ||
| <li><font color=#009000><strong>018: SECURITY FIX: April 11, 2002</strong></font><br> | <li><font color=#009000><strong>018: SECURITY FIX: April 11, 2002</strong></font><br> | ||
| <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=mail&sektion=1">mail(1)</a> | <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=mail&sektion=1">mail(1)</a> |