===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/errata66.html,v
retrieving revision 1.6
retrieving revision 1.7
diff -c -r1.6 -r1.7
*** www/errata66.html 2019/11/21 21:01:42 1.6
--- www/errata66.html 2019/12/04 11:11:35 1.7
***************
*** 179,184 ****
A source code patch exists which remedies this problem.
!
--- 179,215 ----
A source code patch exists which remedies this problem.
+
+ 009: SECURITY FIX: December 4, 2019
+ All architectures
+
+ Environment-provided paths are used for dlopen() in mesa, resulting in
+ escalation to the auth group in xlock(1).
+
+
+ A source code patch exists which remedies this problem.
+
+
+
+ 010: SECURITY FIX: December 4, 2019
+ All architectures
+
+ libc's authentication layer performed insufficient username validation.
+
+
+ A source code patch exists which remedies this problem.
+
+
+
+ 011: SECURITY FIX: December 4, 2019
+ All architectures
+
+ xenodm uses the libc authentication layer incorrectly.
+
+
+ A source code patch exists which remedies this problem.
+
+
!