===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata35.html,v
retrieving revision 1.13
retrieving revision 1.14
diff -c -r1.13 -r1.14
*** www/errata35.html 2005/01/12 06:36:53 1.13
--- www/errata35.html 2005/01/12 15:08:02 1.14
***************
*** 58,64 ****
All architectures
-
! 027: RELIABILITY FIX: January 10, 2005
A bug in the
tcp(4)
stack allows an invalid argument to be used in calculating the TCP
--- 58,64 ----
All architectures
-
! 027: RELIABILITY FIX: January 11, 2005
A bug in the
tcp(4)
stack allows an invalid argument to be used in calculating the TCP
***************
*** 69,74 ****
--- 69,88 ----
A source code patch exists which remedies this problem.
+
-
+ 026: SECURITY FIX: January 12, 2005
+ httpd(8)
+ 's mod_include module fails to properly validate the length of
+ user supplied tag strings prior to copying them to a local buffer,
+ causing a buffer overflow.
+
+ This would require enabling the XBitHack directive or server-side
+ includes and making use of a malicious document.
+
+
+ A source code patch exists which remedies this problem.
+
+
-
025: RELIABILITY FIX: January 6, 2005
The
***************
*** 450,456 ****
www@openbsd.org
!
$OpenBSD: errata35.html,v 1.13 2005/01/12 06:36:53 mcbride Exp $