www/security.html - diff

Return to security.html CVS log

Up to [local] / www

version 1.212, 2002/06/26 06:10:47

version 1.213, 2002/06/26 19:07:53

Line 194

<p>

<ul>

<li><a href=errata.html#modssl>June 26, 2002:

A buffer overflow can occur in the .htaccess parsing code in

mod_ssl httpd module, leading to possible remote crash.</a>

<li><a href=errata.html#resolver>June 25, 2002:

A potential buffer overflow in the DNS resolver has been found.</a>

<li><a href=errata.html#sshd>June 24, 2002:

All versions of OpenSSH's sshd between 2.9.9 and 3.3 contain an

input validation error that can result in an integer overflow and

privilege escalation.</a>

<li><a href=errata.html#httpd>June 19, 2002:

A buffer overflow can occur during the interpretation of chunked

encoding in httpd(8), leading to possible remote crash.</a>

Line 232

Line 239

<ul>

<li><a href=errata30.html#resolver>June 25, 2002:

A potential buffer overflow in the DNS resolver has been found.</a>

<li><a href=errata30.html#sshdauth>June 24, 2002:

All versions of OpenSSH's sshd between 2.9.9 and 3.3 contain an

input validation error that can result in an integer overflow and

privilege escalation.</a>

<li><a href=errata30.html#modssl>June 24, 2002:

A buffer overflow can occur in the .htaccess parsing code in

mod_ssl httpd module, leading to possible remote crash.</a>

<li><a href=errata30.html#httpd>June 19, 2002:

A buffer overflow can occur during the interpretation of chunked

encoding in httpd(8), leading to possible remote crash.</a>

<li><a href=errata30.html#fdalloc2>May 8, 2002:

A race condition exists that could defeat the kernel's

protection of fd slots 0-2 for setuid processes.</a>