===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata30.html,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- www/errata30.html 2002/04/20 16:16:40 1.3
+++ www/errata30.html 2002/04/23 20:52:52 1.4
@@ -49,6 +49,16 @@
All architectures
+
+- 019: SECURITY FIX: April 22, 2002
+A local user can gain super-user privileges due to a buffer overflow
+in sshd(8)
+if AFS has been configured on the system or if
+KerberosTgtPassing or AFSTokenPassing has been enabled
+in the sshd_config file. Ticket and token passing is not enabled
+by default.
+A source code patch exists which remedies the problem.
+
- 018: SECURITY FIX: April 11, 2002
mail(1)
@@ -305,7 +315,7 @@
www@openbsd.org
-
$OpenBSD: errata30.html,v 1.3 2002/04/20 16:16:40 miod Exp $
+
$OpenBSD: errata30.html,v 1.4 2002/04/23 20:52:52 markus Exp $