===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/security.html,v
retrieving revision 1.116
retrieving revision 1.117
diff -c -r1.116 -r1.117
*** www/security.html	1999/10/28 16:58:03	1.116
--- www/security.html	1999/11/09 09:00:36	1.117
***************
*** 188,214 ****
  
  <p>
  <ul>
! <li><a href=errata.html#cron>Aug 30, 1999: 
  	In cron(8), make sure argv[] is NULL terminated in the
  	fake popen() and run sendmail as the user, not as root.
  	(patch included).</a>
! <li><a href=errata.html#miscfs>Aug 12, 1999: The procfs and fdescfs
  	filesystems had an overrun in their handling of uio_offset
  	in their readdir() routines. (These filesystems are not
  	enabled by default). (patch included).</a>
! <li><a href=errata.html#profil>Aug 9, 1999: Stop profiling (see profil(2))
  	when we execve() a new process. (patch included).</a>
! <li><a href=errata.html#ipsec_in_use>Aug 6, 1999: Packets that should have
  	been handled by IPsec may be transmitted as cleartext.
  	PF_KEY SA expirations may leak kernel resources.
  	(patch included).</a>
! <li><a href=errata.html#rc>Aug 5, 1999: In /etc/rc, use mktemp(1) for
  	motd re-writing and change the find(1) to use -execdir
  	(patch included).</a>
! <li><a href=errata.html#chflags>Jul 30, 1999: Do not permit regular
  	users to chflags(2) or fchflags(2) on character or block devices
  	which they may currently be the owner of (patch included).</a>
! <li><a href=errata.html#nroff>Jul 27, 1999: Cause groff(1) to be invoked
  	with the -S flag, when called by nroff(1) (patch included).</a>
  </ul>
  
--- 188,214 ----
  
  <p>
  <ul>
! <li><a href=errata25.html#cron>Aug 30, 1999: 
  	In cron(8), make sure argv[] is NULL terminated in the
  	fake popen() and run sendmail as the user, not as root.
  	(patch included).</a>
! <li><a href=errata25.html#miscfs>Aug 12, 1999: The procfs and fdescfs
  	filesystems had an overrun in their handling of uio_offset
  	in their readdir() routines. (These filesystems are not
  	enabled by default). (patch included).</a>
! <li><a href=errata25.html#profil>Aug 9, 1999: Stop profiling (see profil(2))
  	when we execve() a new process. (patch included).</a>
! <li><a href=errata25.html#ipsec_in_use>Aug 6, 1999: Packets that should have
  	been handled by IPsec may be transmitted as cleartext.
  	PF_KEY SA expirations may leak kernel resources.
  	(patch included).</a>
! <li><a href=errata25.html#rc>Aug 5, 1999: In /etc/rc, use mktemp(1) for
  	motd re-writing and change the find(1) to use -execdir
  	(patch included).</a>
! <li><a href=errata25.html#chflags>Jul 30, 1999: Do not permit regular
  	users to chflags(2) or fchflags(2) on character or block devices
  	which they may currently be the owner of (patch included).</a>
! <li><a href=errata25.html#nroff>Jul 27, 1999: Cause groff(1) to be invoked
  	with the -S flag, when called by nroff(1) (patch included).</a>
  </ul>
  
***************
*** 453,459 ****
  <a href=index.html><img height=24 width=24 src=back.gif border=0 alt=OpenBSD></a>
  <a href=mailto:www@openbsd.org>www@openbsd.org</a>
  <br>
! <small>$OpenBSD: security.html,v 1.116 1999/10/28 16:58:03 deraadt Exp $</small>
  
  </body>
  </html>
--- 453,459 ----
  <a href=index.html><img height=24 width=24 src=back.gif border=0 alt=OpenBSD></a>
  <a href=mailto:www@openbsd.org>www@openbsd.org</a>
  <br>
! <small>$OpenBSD: security.html,v 1.117 1999/11/09 09:00:36 deraadt Exp $</small>
  
  </body>
  </html>