===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata34.html,v
retrieving revision 1.22
retrieving revision 1.23
diff -c -r1.22 -r1.23
*** www/errata34.html 2004/09/10 18:30:45 1.22
--- www/errata34.html 2004/09/16 23:09:48 1.23
***************
*** 56,61 ****
--- 56,74 ----
All architectures
+ -
+ 030: SECURITY FIX: September 16, 2004
+ Chris Evans reported several flaws (stack and integer overflows) in the
+ Xpm
+ library code that parses image files
+ (CAN-2004-0687,
+ CAN-2004-0688).
+ Some of these would be exploitable when parsing malicious image files in
+ an application that handles XPM images, if they could escape ProPolice.
+
+
+ A source code patch exists which remedies this problem.
+
-
029: SECURITY FIX: September 10, 2004
httpd(8)
***************
*** 449,455 ****
www@openbsd.org
!
$OpenBSD: errata34.html,v 1.22 2004/09/10 18:30:45 brad Exp $