[BACK]Return to security.html CVS log [TXT][DIR] Up to [local] / www

Diff for /www/security.html between version 1.310 and 1.311

version 1.310, 2005/04/28 21:04:37 version 1.311, 2005/05/17 16:21:23
Line 229 
Line 229 
   
 <p>  <p>
 <ul>  <ul>
 <li><a href="errata.html#cvs">Apr 28, 2005:  <li><a href="errata36.html#cvs">Apr 28, 2005:
         Fix a buffer overflow, memory leaks, and NULL pointer          Fix a buffer overflow, memory leaks, and NULL pointer
         dereference in cvs(1).</a>          dereference in cvs(1).</a>
 <li><a href="errata.html#telnet">Mar 30, 2005:  <li><a href="errata36.html#telnet">Mar 30, 2005:
         Due to buffer overflows in telnet(1), a malicious          Due to buffer overflows in telnet(1), a malicious
         server or man-in-the-middle attack could allow          server or man-in-the-middle attack could allow
         execution of arbitrary code with the privileges of          execution of arbitrary code with the privileges of
         the user invoking telnet(1).</a>          the user invoking telnet(1).</a>
 <li><a href="errata.html#copy">Mar 16, 2005:  <li><a href="errata36.html#copy">Mar 16, 2005:
         More stringent checking should be done in the copy(9)          More stringent checking should be done in the copy(9)
         functions to prevent their misuse.</a>          functions to prevent their misuse.</a>
 <li><a href="errata.html#locore">Feb 28, 2005:  <li><a href="errata36.html#locore">Feb 28, 2005:
         More stringent checking should be done in the copy(9)          More stringent checking should be done in the copy(9)
         functions to prevent their misuse.</a>          functions to prevent their misuse.</a>
 <li><a href="errata.html#httpd">Jan 12, 2005:  <li><a href="errata36.html#httpd">Jan 12, 2005:
         httpd(8)'s mod_include module fails to properly validate          httpd(8)'s mod_include module fails to properly validate
         the length of user supplied tag strings prior to copying          the length of user supplied tag strings prior to copying
         them to a local buffer, causing a buffer overflow.</a>          them to a local buffer, causing a buffer overflow.</a>
 <li><a href="errata.html#pfkey">Dec 14, 2004:  <li><a href="errata36.html#pfkey">Dec 14, 2004:
         On systems running isakmpd(8) it is possible for a local          On systems running isakmpd(8) it is possible for a local
         user to cause kernel memory corruption and system panic by          user to cause kernel memory corruption and system panic by
         setting ipsec(4) credentials on a socket.</a>          setting ipsec(4) credentials on a socket.</a>
Legend:
Removed from v.1.310  
changed lines
  Added in v.1.311