===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata37.html,v
retrieving revision 1.4
retrieving revision 1.5
diff -c -r1.4 -r1.5
*** www/errata37.html	2005/11/28 15:43:27	1.4
--- www/errata37.html	2006/01/05 05:34:08	1.5
***************
*** 74,79 ****
--- 74,96 ----
  <a name="vax"></a>
  <ul>
  
+ <li><a name="fd"></a>
+ <font color="#009000"><strong>008: SECURITY FIX: January 5, 2006</strong></font> &nbsp; <i>All architectures</i><br>
+ Do not allow users to trick suid programs into re-opening files via /dev/fd.
+ <br>
+ <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/008_fd.patch">
+ A source code patch exists which remedies this problem</a>.<br>
+ <p>
+ 
+ <li><a name="perl"></a>
+ <font color="#009000"><strong>007: SECURITY FIX: January 5, 2006</strong></font> &nbsp; <i>All architectures</i><br>
+ A buffer overflow has been found in the Perl interpreter with the sprintf function which
+ may be exploitable under certain conditions.
+ <br>
+ <a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/007_perl.patch">
+ A source code patch exists which remedies this problem</a>.<br>
+ <p>
+ 
  <li><a name="nat-t"></a>
  <font color="#009000"><strong>006: RELIABILITY FIX: November 5, 2005</strong></font> &nbsp; <i>All architectures</i><br>
  Due to wrong advertisement of RFC 3947 compliance interoperability problems with
***************
*** 172,178 ****
  <hr>
  <a href=index.html><img height=24 width=24 src=back.gif border=0 alt=OpenBSD></a> 
  <a href="mailto:www@openbsd.org">www@openbsd.org</a>
! <br><small>$OpenBSD: errata37.html,v 1.4 2005/11/28 15:43:27 hshoexer Exp $</small>
  
  </body>
  </html>
--- 189,195 ----
  <hr>
  <a href=index.html><img height=24 width=24 src=back.gif border=0 alt=OpenBSD></a> 
  <a href="mailto:www@openbsd.org">www@openbsd.org</a>
! <br><small>$OpenBSD: errata37.html,v 1.5 2006/01/05 05:34:08 brad Exp $</small>
  
  </body>
  </html>