===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata34.html,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- www/errata34.html 2004/05/13 13:50:09 1.8
+++ www/errata34.html 2004/05/20 21:05:59 1.9
@@ -56,6 +56,18 @@
All architectures
+-
+021: SECURITY FIX: May 20,
+2004
+A heap overflow in the
+cvs(1)
+server has been discovered that can be exploited by clients sending
+malformed requests, enabling these clients to run arbitrary code
+with the same privileges as the CVS server program.
+
+
+A source code patch exists which remedies this problem.
+
-
020: SECURITY FIX: May 13,
2004
@@ -344,7 +356,7 @@
www@openbsd.org
-
$OpenBSD: errata34.html,v 1.8 2004/05/13 13:50:09 brad Exp $
+
$OpenBSD: errata34.html,v 1.9 2004/05/20 21:05:59 otto Exp $