===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/security.html,v
retrieving revision 1.135
retrieving revision 1.136
diff -c -r1.135 -r1.136
*** www/security.html 2000/06/28 18:10:02 1.135
--- www/security.html 2000/07/05 22:40:38 1.136
***************
*** 190,195 ****
--- 190,205 ----
+ - July 5, 2000:
+ Just like pretty much all the other unix ftp daemons
+ on the planet, ftpd had a remote root hole in it.
+ Luckily, ftpd was not enabled by default.
+ The problem exists if anonymous ftp is enabled, or if a
+ hostile user has a valid login.
+ (patch included)
+
- July 5, 2000:
+ Mopd, very rarely used, contained some buffer overflows.
+ (patch included)
- June 28, 2000:
libedit would check for a .editrc file in the current
directory. Not known to be a real security issue, but a patch
***************
*** 549,555 ****
www@openbsd.org
! $OpenBSD: security.html,v 1.135 2000/06/28 18:10:02 deraadt Exp $