===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata31.html,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- www/errata31.html 2002/11/06 23:37:17 1.7
+++ www/errata31.html 2002/11/15 01:58:33 1.8
@@ -53,6 +53,16 @@
All architectures
+
+- 019: SECURITY FIX: November 14, 2002
+A buffer overflow in
+named(8)
+could allow an attacker to execute code with the privileges of named.
+On OpenBSD, named runs as a non-root user in a chrooted environment
+which mitigates the affects of this bug.
+A
+source code patch exists which remedies the problem.
+
- 018: SECURITY FIX: November 6, 2002
Incorrect argument checking in the
@@ -99,6 +109,8 @@
crypto(3)
library, all of them being potentially remotely exploitable.
A source code patch exists which remedies the problem.
+
+This is the second version of the patch.
- 012: SECURITY FIX: July 29, 2002
@@ -271,7 +283,7 @@
www@openbsd.org
-
$OpenBSD: errata31.html,v 1.7 2002/11/06 23:37:17 miod Exp $
+
$OpenBSD: errata31.html,v 1.8 2002/11/15 01:58:33 millert Exp $