=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/errata35.html,v retrieving revision 1.13 retrieving revision 1.14 diff -c -r1.13 -r1.14 *** www/errata35.html 2005/01/12 06:36:53 1.13 --- www/errata35.html 2005/01/12 15:08:02 1.14 *************** *** 58,64 ****

All architectures

! 027: RELIABILITY FIX: January 10, 2005
A bug in the tcp(4) stack allows an invalid argument to be used in calculating the TCP --- 58,64 ----
All architectures
- ! 027: RELIABILITY FIX: January 11, 2005
  A bug in the tcp(4) stack allows an invalid argument to be used in calculating the TCP *************** *** 69,74 **** --- 69,88 ---- A source code patch exists which remedies this problem.
  
  +
- + 026: SECURITY FIX: January 12, 2005
  + httpd(8) + 's mod_include module fails to properly validate the length of + user supplied tag strings prior to copying them to a local buffer, + causing a buffer overflow. +
  + This would require enabling the XBitHack directive or server-side + includes and making use of a malicious document. +
  + + A source code patch exists which remedies this problem.
  +
  +
- 025: RELIABILITY FIX: January 6, 2005
  The *************** *** 450,456 ****
  www@openbsd.org !
  $OpenBSD: errata35.html,v 1.13 2005/01/12 06:36:53 mcbride Exp $ --- 464,470 ----
  www@openbsd.org !
  $OpenBSD: errata35.html,v 1.14 2005/01/12 15:08:02 brad Exp $