=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/plus.html,v retrieving revision 1.925 retrieving revision 1.926 diff -c -r1.925 -r1.926 *** www/plus.html 2004/05/30 16:23:12 1.925 --- www/plus.html 2004/06/03 23:38:49 1.926 *************** *** 158,164 **** A source code patch is available.
[Applied to stable]
  • Allow symbolic service- and protocol names in isakmpd(8), so e.g. "Protocol=tcp" now works. !
  • Fix a cross-realm trust vulnerability in Kerberos V. Adapted from FreeBSD.
    [Applied to stable]
  • Add word boundary tests to the regexes that find @-commands in pkg_add(1) etc. packing lists.
  • Fix SIGINT handling in sftp(1). --- 158,165 ---- A source code patch is available.
    [Applied to stable]
  • Allow symbolic service- and protocol names in isakmpd(8), so e.g. "Protocol=tcp" now works. !
  • SECURITY FIX: A flaw in the Kerberos V kdc(8) server could result in the administrator of a Kerberos realm having the ability to impersonate any principal in any other realm which has established a cross-realm trust with their realm. The flaw is due to inadequate checking of the "transited" field in a Kerberos request. For more details see Heimdal's announcement.
    ! A source code patch is available.
    [Applied to stable]
  • Add word boundary tests to the regexes that find @-commands in pkg_add(1) etc. packing lists.
  • Fix SIGINT handling in sftp(1). *************** *** 693,699 ****
    OpenBSD www@openbsd.org !
    $OpenBSD: plus.html,v 1.925 2004/05/30 16:23:12 deraadt Exp $ --- 694,700 ----
    OpenBSD www@openbsd.org !
    $OpenBSD: plus.html,v 1.926 2004/06/03 23:38:49 deraadt Exp $