version 1.145, 2000/10/05 16:43:20 |
version 1.146, 2000/10/06 19:59:43 |
|
|
|
|
<p> |
<p> |
<ul> |
<ul> |
|
<li><a href=errata.html#curses>Oct 6, 2000: |
|
libcurses permitted reading of $HOME/.termlib database files |
|
if used by a setuid or setgid application. |
|
(patch included)</a> |
|
<li><a href=errata.html#talkd>Oct 6, 2000: |
|
A format string vulnerability exists in talkd(8). |
|
(patch included)</a> |
<li><a href=errata.html#pw_error>Oct 3, 2000: |
<li><a href=errata.html#pw_error>Oct 3, 2000: |
A format string vulnerability exists in the pw_error() function of the |
A format string vulnerability exists in the pw_error() function of the |
libutil library, yielding localhost root through chpass(1). |
libutil library, yielding localhost root through chpass(1). |