===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata32.html,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- www/errata32.html 2003/05/14 13:17:43 1.4
+++ www/errata32.html 2003/08/04 16:39:29 1.5
@@ -54,6 +54,16 @@
All architectures
+
+- 015: SECURITY FIX: August 4, 2003
+An off-by-one error exists in the C library function
+realpath(3).
+Since this same bug resulted in a root compromise in the wu-ftpd ftp server
+it is possible that this bug may allow an attacker to gain escalated privileges
+on OpenBSD.
+A
+source code patch exists which remedies the problem.
+
- 014: SECURITY FIX: March 31, 2003
A buffer overflow in the address parsing in
@@ -263,7 +273,7 @@
www@openbsd.org
-
$OpenBSD: errata32.html,v 1.4 2003/05/14 13:17:43 margarida Exp $
+
$OpenBSD: errata32.html,v 1.5 2003/08/04 16:39:29 millert Exp $