===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata42.html,v
retrieving revision 1.16
retrieving revision 1.17
diff -c -r1.16 -r1.17
*** www/errata42.html 2008/03/09 21:05:00 1.16
--- www/errata42.html 2008/03/31 01:40:47 1.17
***************
*** 83,88 ****
--- 83,98 ----
+ -
+ 010: SECURITY FIX: March 30, 2008 All architectures
+ sshd(8) would execute ~/.ssh/rc even when a sshd_config(5) ForceCommand
+ directive was in effect, allowing users with write access to this file to
+ execute arbitrary commands. This behaviour was documented, but was an unsafe
+ default and an extra hassle for administrators.
+
+ A source code patch exists which remedies this problem.
+
+
-
009: SECURITY FIX: March 7, 2008 All architectures
Buffer overflow in ppp command prompt parsing.
***************
*** 210,216 ****
www@openbsd.org
!
$OpenBSD: errata42.html,v 1.16 2008/03/09 21:05:00 deraadt Exp $