===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata35.html,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -r1.13 -r1.14
--- www/errata35.html 2005/01/12 06:36:53 1.13
+++ www/errata35.html 2005/01/12 15:08:02 1.14
@@ -58,7 +58,7 @@
All architectures
-
-027: RELIABILITY FIX: January 10, 2005
+027: RELIABILITY FIX: January 11, 2005
A bug in the
tcp(4)
stack allows an invalid argument to be used in calculating the TCP
@@ -69,6 +69,20 @@
A source code patch exists which remedies this problem.
+
-
+026: SECURITY FIX: January 12, 2005
+httpd(8)
+'s mod_include module fails to properly validate the length of
+user supplied tag strings prior to copying them to a local buffer,
+causing a buffer overflow.
+
+This would require enabling the XBitHack directive or server-side
+includes and making use of a malicious document.
+
+
+A source code patch exists which remedies this problem.
+
+
-
025: RELIABILITY FIX: January 6, 2005
The
@@ -450,7 +464,7 @@
www@openbsd.org
-
$OpenBSD: errata35.html,v 1.13 2005/01/12 06:36:53 mcbride Exp $
+
$OpenBSD: errata35.html,v 1.14 2005/01/12 15:08:02 brad Exp $