version 1.232, 2003/01/21 03:47:10 |
version 1.233, 2003/01/30 22:02:17 |
|
|
<li><a href=errata.html#cvs>January 20, 2003: |
<li><a href=errata.html#cvs>January 20, 2003: |
A double free exists in cvs(1) that could lead to privilege |
A double free exists in cvs(1) that could lead to privilege |
escalation for cvs configurations where the cvs command is |
escalation for cvs configurations where the cvs command is |
run as a privileged user. |
run as a privileged user.</a> |
<li><a href=errata.html#named>November 14, 2002: |
<li><a href=errata.html#named>November 14, 2002: |
A buffer overflow exists in named(8) that could lead to a |
A buffer overflow exists in named(8) that could lead to a |
remote crash or code execution as user named in a chroot jail.</a> |
remote crash or code execution as user named in a chroot jail.</a> |
|
<li><a href=errata.html#pool>November 6, 2002: |
|
A logic error in the pool kernel memory allocator could cause |
|
memory corruption in low-memory situations, causing the system |
|
to crash.</a> |
<li><a href=errata.html#smrsh>November 6, 2002: |
<li><a href=errata.html#smrsh>November 6, 2002: |
An attacker can bypass smrsh(8)'s restrictions and execute |
An attacker can bypass smrsh(8)'s restrictions and execute |
arbitrary commands with the privileges of his own account.</a> |
arbitrary commands with the privileges of his own account.</a> |
|
<li><a href=errata.html#pfbridge>November 6, 2002: |
|
Network bridges running pf with scrubbing enabled could cause |
|
mbuf corruption, causing the system to crash.</a> |
<li><a href=errata.html#kadmin>October 21, 2002: |
<li><a href=errata.html#kadmin>October 21, 2002: |
A buffer overflow can occur in the kadmind(8) daemon, leading |
A buffer overflow can occur in the kadmind(8) daemon, leading |
to possible remote crash or exploit.</a> |
to possible remote crash or exploit.</a> |