===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata38.html,v
retrieving revision 1.8
retrieving revision 1.9
diff -c -r1.8 -r1.9
*** www/errata38.html 2006/06/16 02:57:52 1.8
--- www/errata38.html 2006/07/30 17:35:57 1.9
***************
*** 75,80 ****
--- 75,94 ----
+ -
+ 009: SECURITY FIX: July 30, 2006 All architectures
+ httpd
+ (8)
+ 's mod_rewrite has a potentially exploitable off-by-one buffer overflow.
+ The buffer overflow may result in a vulnerability which, in combination
+ with certain types of Rewrite rules in the web server configuration files,
+ could be triggered remotely. The default install is not affected by the
+ buffer overflow. CVE-2006-3747
+
+
+ A source code patch exists which remedies this problem.
+
+
-
008: SECURITY FIX: June 15, 2006 All architectures
A potential denial of service problem has been found in sendmail. A malformed MIME
***************
*** 197,203 ****
www@openbsd.org
!
$OpenBSD: errata38.html,v 1.8 2006/06/16 02:57:52 brad Exp $