=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/errata31.html,v retrieving revision 1.7 retrieving revision 1.8 diff -c -r1.7 -r1.8 *** www/errata31.html 2002/11/06 23:37:17 1.7 --- www/errata31.html 2002/11/15 01:58:33 1.8 *************** *** 53,58 **** --- 53,68 ----

All architectures

019: SECURITY FIX: November 14, 2002
+ A buffer overflow in + named(8) + could allow an attacker to execute code with the privileges of named. + On OpenBSD, named runs as a non-root user in a chrooted environment + which mitigates the affects of this bug.
+ A + source code patch exists which remedies the problem. +
018: SECURITY FIX: November 6, 2002
Incorrect argument checking in the *************** *** 99,104 **** --- 109,116 ---- crypto(3) library, all of them being potentially remotely exploitable.
A source code patch exists which remedies the problem. +
+ This is the second version of the patch.
012: SECURITY FIX: July 29, 2002
*************** *** 271,277 ****
www@openbsd.org !
$OpenBSD: errata31.html,v 1.7 2002/11/06 23:37:17 miod Exp $ --- 283,289 ----
www@openbsd.org !
$OpenBSD: errata31.html,v 1.8 2002/11/15 01:58:33 millert Exp $