===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata34.html,v
retrieving revision 1.21
retrieving revision 1.22
diff -u -r1.21 -r1.22
--- www/errata34.html 2004/08/30 01:15:43 1.21
+++ www/errata34.html 2004/09/10 18:30:45 1.22
@@ -56,6 +56,18 @@
All architectures
+-
+029: SECURITY FIX: September 10, 2004
+httpd(8)
+'s mod_rewrite module can be made to write one zero byte in an arbitrary memory
+position outside of a char array, causing a DoS or possibly buffer overflows.
+This would require enabling dbm for mod_rewrite and making use of a malicious
+dbm file.
+
+
+A source code patch exists which remedies this problem.
+
+
-
028: RELIABILITY FIX: August 26, 2004
As
@@ -437,7 +449,7 @@
www@openbsd.org
-
$OpenBSD: errata34.html,v 1.21 2004/08/30 01:15:43 brad Exp $
+
$OpenBSD: errata34.html,v 1.22 2004/09/10 18:30:45 brad Exp $