![[BACK]](/icons/back.gif){kind=icon}
Return to errata30.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www|
Return to errata30.html CVS log | Up to [local] / www |
| version 1.34, 2002/10/21 20:36:10 | version 1.35, 2002/11/06 23:37:17 | ||
|---|---|---|---|
|
|
||
| <a name=all></a> | <a name=all></a> | ||
| <li><h3><font color=#e00000>All architectures</font></h3> | <li><h3><font color=#e00000>All architectures</font></h3> | ||
| <ul> | <ul> | ||
| <a name=kernresource></a> | |||
| <li><font color=#009000><strong>035: SECURITY FIX: November 6, 2002</strong></font><br> | |||
| Incorrect argument checking in the | |||
| <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=getrlimit&sektion=2">getrlimit(2)</a> | |||
| system call may allow an attacker to crash the kernel.<br> | |||
| <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.0/common/035_kernresource.patch">A | |||
| source code patch exists which remedies the problem</a>. | |||
| <p> | |||
| <a name=smrsh></a> | |||
| <li><font color=#009000><strong>034: SECURITY FIX: November 6, 2002</strong></font><br> | |||
| An attacker can bypass the restrictions imposed by sendmail's restricted shell, | |||
| <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=smrsh&sektion=8">smrsh(8)</a>, | |||
| and execute arbitrary commands with the privileges of his own account.<br> | |||
| <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.0/common/034_smrsh.patch">A | |||
| source code patch exists which remedies the problem</a>. | |||
| <p> | |||
| <a name=kadmin></a> | <a name=kadmin></a> | ||
| <li><font color=#009000><strong>033: SECURITY FIX: October 21, 2002</strong></font><br> | <li><font color=#009000><strong>033: SECURITY FIX: October 21, 2002</strong></font><br> | ||
| A buffer overflow can occur in the | A buffer overflow can occur in the |