version 1.319, 2006/01/05 05:34:08 |
version 1.320, 2006/02/12 10:25:39 |
|
|
|
|
<p> |
<p> |
<ul> |
<ul> |
|
<li><a href="errata.html#ssh">Feb 12, 2006: |
|
Josh Bressers has reported a weakness in OpenSSH caused due to the |
|
insecure use of the system(3) function in scp(1) when performing copy |
|
operations using filenames that are supplied by the user from the |
|
command line.</a> |
<li><a href="errata.html#fd">Jan 5, 2006: |
<li><a href="errata.html#fd">Jan 5, 2006: |
Do not allow users to trick suid programs into re-opening files via |
Do not allow users to trick suid programs into re-opening files via |
/dev/fd.</a> |
/dev/fd.</a> |
|
|
|
|
<p> |
<p> |
<ul> |
<ul> |
|
<li><a href="errata37.html#ssh">Feb 12, 2006: |
|
Josh Bressers has reported a weakness in OpenSSH caused due to the |
|
insecure use of the system(3) function in scp(1) when performing copy |
|
operations using filenames that are supplied by the user from the |
|
command line.</a> |
<li><a href="errata37.html#fd">Jan 5, 2006: |
<li><a href="errata37.html#fd">Jan 5, 2006: |
Do not allow users to trick suid programs into re-opening files via |
Do not allow users to trick suid programs into re-opening files via |
/dev/fd.</a> |
/dev/fd.</a> |