version 1.201, 2002/03/19 22:06:26 |
version 1.202, 2002/04/11 18:39:22 |
|
|
|
|
<p> |
<p> |
<ul> |
<ul> |
|
<li><a href=errata.html#mail>April 11, 2002: |
|
The mail(1) was interpreting tilde escapes even when invoked |
|
in non-interactive mode. As mail(1) is called as root from cron, |
|
this can lead to a local root compromise.</a> |
<li><a href=errata.html#approval>March 19, 2002: |
<li><a href=errata.html#approval>March 19, 2002: |
Under certain conditions, on systems using YP with netgroups in |
Under certain conditions, on systems using YP with netgroups in |
the password database, it is possible for the rexecd(8) and rshd(8) |
the password database, it is possible for the rexecd(8) and rshd(8) |
|
|
|
|
<p> |
<p> |
<ul> |
<ul> |
|
<li><a href=errata29.html#mail>April 11, 2002: |
|
The mail(1) was interpreting tilde escapes even when invoked |
|
in non-interactive mode. As mail(1) is called as root from cron, |
|
this can lead to a local root compromise.</a> |
<li><a href=errata29.html#zlib>March 13, 2002: |
<li><a href=errata29.html#zlib>March 13, 2002: |
A potential double free() exists in the zlib library; |
A potential double free() exists in the zlib library; |
this is not exploitable on OpenBSD. |
this is not exploitable on OpenBSD. |