===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/security.html,v
retrieving revision 1.310
retrieving revision 1.311
diff -c -r1.310 -r1.311
*** www/security.html 2005/04/28 21:04:37 1.310
--- www/security.html 2005/05/17 16:21:23 1.311
***************
*** 229,253 ****
! - Apr 28, 2005:
Fix a buffer overflow, memory leaks, and NULL pointer
dereference in cvs(1).
!
- Mar 30, 2005:
Due to buffer overflows in telnet(1), a malicious
server or man-in-the-middle attack could allow
execution of arbitrary code with the privileges of
the user invoking telnet(1).
!
- Mar 16, 2005:
More stringent checking should be done in the copy(9)
functions to prevent their misuse.
!
- Feb 28, 2005:
More stringent checking should be done in the copy(9)
functions to prevent their misuse.
!
- Jan 12, 2005:
httpd(8)'s mod_include module fails to properly validate
the length of user supplied tag strings prior to copying
them to a local buffer, causing a buffer overflow.
!
- Dec 14, 2004:
On systems running isakmpd(8) it is possible for a local
user to cause kernel memory corruption and system panic by
setting ipsec(4) credentials on a socket.
--- 229,253 ----
! - Apr 28, 2005:
Fix a buffer overflow, memory leaks, and NULL pointer
dereference in cvs(1).
!
- Mar 30, 2005:
Due to buffer overflows in telnet(1), a malicious
server or man-in-the-middle attack could allow
execution of arbitrary code with the privileges of
the user invoking telnet(1).
!
- Mar 16, 2005:
More stringent checking should be done in the copy(9)
functions to prevent their misuse.
!
- Feb 28, 2005:
More stringent checking should be done in the copy(9)
functions to prevent their misuse.
!
- Jan 12, 2005:
httpd(8)'s mod_include module fails to properly validate
the length of user supplied tag strings prior to copying
them to a local buffer, causing a buffer overflow.
!
- Dec 14, 2004:
On systems running isakmpd(8) it is possible for a local
user to cause kernel memory corruption and system panic by
setting ipsec(4) credentials on a socket.
***************
*** 1337,1343 ****
www@openbsd.org
! $OpenBSD: security.html,v 1.310 2005/04/28 21:04:37 brad Exp $