===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata37.html,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- www/errata37.html	2005/11/28 15:43:27	1.4
+++ www/errata37.html	2006/01/05 05:34:08	1.5
@@ -74,6 +74,23 @@
 <a name="vax"></a>
 <ul>
 
+<li><a name="fd"></a>
+<font color="#009000"><strong>008: SECURITY FIX: January 5, 2006</strong></font> &nbsp; <i>All architectures</i><br>
+Do not allow users to trick suid programs into re-opening files via /dev/fd.
+<br>
+<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/008_fd.patch">
+A source code patch exists which remedies this problem</a>.<br>
+<p>
+
+<li><a name="perl"></a>
+<font color="#009000"><strong>007: SECURITY FIX: January 5, 2006</strong></font> &nbsp; <i>All architectures</i><br>
+A buffer overflow has been found in the Perl interpreter with the sprintf function which
+may be exploitable under certain conditions.
+<br>
+<a href="ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/007_perl.patch">
+A source code patch exists which remedies this problem</a>.<br>
+<p>
+
 <li><a name="nat-t"></a>
 <font color="#009000"><strong>006: RELIABILITY FIX: November 5, 2005</strong></font> &nbsp; <i>All architectures</i><br>
 Due to wrong advertisement of RFC 3947 compliance interoperability problems with
@@ -172,7 +189,7 @@
 <hr>
 <a href=index.html><img height=24 width=24 src=back.gif border=0 alt=OpenBSD></a> 
 <a href="mailto:www@openbsd.org">www@openbsd.org</a>
-<br><small>$OpenBSD: errata37.html,v 1.4 2005/11/28 15:43:27 hshoexer Exp $</small>
+<br><small>$OpenBSD: errata37.html,v 1.5 2006/01/05 05:34:08 brad Exp $</small>
 
 </body>
 </html>