www/plus.html - diff

Return to plus.html CVS log

Up to [local] / www

Diff for /www/plus.html between version 1.925 and 1.926

version 1.925, 2004/05/30 16:23:12

version 1.926, 2004/06/03 23:38:49

Line 158

<a href="errata.html#cvs2">A source code patch is available</a>.

<a href="stable.html">[Applied to stable]</a>

<li>Allow symbolic service- and protocol names in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=isakmpd&sektion=8">isakmpd(8)</a>, so e.g. "Protocol=tcp" now works.

<li>Fix a cross-realm trust vulnerability in Kerberos V. Adapted from FreeBSD.

<li>SECURITY FIX: A flaw in the Kerberos V <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=kdc&sektion=8">kdc(8)</a> server could result in the administrator of a Kerberos realm having the ability to impersonate any principal in any other realm which has established a cross-realm trust with their realm. The flaw is due to inadequate checking of the "transited" field in a Kerberos request. For more details see <a href="http://www.pdc.kth.se/heimdal/advisory/2004-04-01/">Heimdal's announcement</a>.

<a href="errata.html#kerberos">A source code patch is available</a>.

<a href="stable.html">[Applied to stable]</a>

<li>Add word boundary tests to the regexes that find @-commands in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pkg_add&sektion=1">pkg_add(1)</a> etc. packing lists.

<li>Fix SIGINT handling in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sftp&sektion=1">sftp(1)</a>.