===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata34.html,v
retrieving revision 1.21
retrieving revision 1.22
diff -c -r1.21 -r1.22
*** www/errata34.html 2004/08/30 01:15:43 1.21
--- www/errata34.html 2004/09/10 18:30:45 1.22
***************
*** 56,61 ****
--- 56,73 ----
All architectures
+ -
+ 029: SECURITY FIX: September 10, 2004
+ httpd(8)
+ 's mod_rewrite module can be made to write one zero byte in an arbitrary memory
+ position outside of a char array, causing a DoS or possibly buffer overflows.
+ This would require enabling dbm for mod_rewrite and making use of a malicious
+ dbm file.
+
+
+ A source code patch exists which remedies this problem.
+
+
-
028: RELIABILITY FIX: August 26, 2004
As
***************
*** 437,443 ****
www@openbsd.org
!
$OpenBSD: errata34.html,v 1.21 2004/08/30 01:15:43 brad Exp $