www/security.html - diff

Return to security.html CVS log

Up to [local] / www

Diff for /www/security.html between version 1.356 and 1.357

version 1.356, 2008/03/07 18:15:14

version 1.357, 2008/03/31 01:40:47

Line 62

<a href="#39">3.9</a>,

<a href="#40">4.0</a>,

<a href="#41">4.1</a>,

<a href="#42">4.2</a>.

<a href="#42">4.2</a>,

<a href="#43">4.3</a>.

</td>

</tr>

</table>

Line 227

Line 228

<li><h3><font color="#e00000">Advisories</font></h3><p>

<li>

<h3><font color="#e00000">OpenBSD 4.3 Security Advisories</font></h3>

These are the OpenBSD 4.3 advisories -- all these problems are solved

in <a href=anoncvs.html>OpenBSD current</a> and the

<a href=stable.html>patch branch</a>.

<p>

<ul>

<li><a href="errata43.html#001_openssh">March 30, 2008:

sshd(8) could allow arbitrary commands to be executed via ~/.ssh/rc

even when a sshd_config(5) ForceCommand directive was in effect.</a>

</ul>

<li>

<h3><font color="#e00000">OpenBSD 4.2 Security Advisories</font></h3>

Line 236

Line 253

<p>

<ul>

<li><a href="errata42.html#010_openssh">March 30, 2008:

sshd(8) could allow arbitrary commands to be executed via ~/.ssh/rc

even when a sshd_config(5) ForceCommand directive was in effect.</a>

<li><a href="errata42.html#009_ppp">March 7, 2008:

Command prompt parsing buffer overflow in ppp.</a>

<li><a href="errata42.html#006_xorg">Feb 8, 2008:

Line 260

Line 280

<p>

<ul>

<li><a href="errata41.html#015_openssh">March 30, 2008:

sshd(8) could allow arbitrary commands to be executed via ~/.ssh/rc

even when a sshd_config(5) ForceCommand directive was in effect.</a>

<li><a href="errata41.html#014_ppp">March 7, 2008:

Command prompt parsing buffer overflow in ppp.</a>

<li><a href="errata41.html#012_xorg">Feb 8, 2008: