===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata34.html,v
retrieving revision 1.60
retrieving revision 1.61
diff -u -r1.60 -r1.61
--- www/errata34.html 2014/03/31 03:36:54 1.60
+++ www/errata34.html 2014/03/31 04:11:40 1.61
@@ -380,6 +380,18 @@
A source code patch exists which remedies this problem.
+
+006: SECURITY FIX: November 17, 2003 i386 only
+It may be possible for a local user to overrun the stack in
+compat_ibcs2(8).
+ProPolice catches this, turning a potential privilege escalation into a denial
+of service. iBCS2 emulation does not need to be enabled via
+sysctl(8)
+for this to happen.
+
+
+A source code patch exists which remedies this problem.
+
005: RELIABILITY FIX: November 4, 2003 All architectures
It is possible for a local user to cause a system panic by executing a specially crafted binary with an invalid header.
@@ -425,23 +437,6 @@
# pkg_add http://ftp.openbsd.org/pub/OpenBSD/3.4/packages/i386/
The extra / at the end is important. We do not make
patch files available for things printed on paper.
-
-
-
-
-
i386
-