===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/security.html,v
retrieving revision 1.120
retrieving revision 1.121
diff -u -r1.120 -r1.121
--- www/security.html	1999/12/03 00:34:26	1.120
+++ www/security.html	1999/12/04 19:59:19	1.121
@@ -197,6 +197,11 @@
 	USA version of libssl, is possibly exploitable in
 	httpd, ssh, or isakmpd, if SSL/RSA features are enabled.
 	(patch included).</a>
+<li><a href=errata.html#sendmail>Dec 4, 1999:
+	Sendmail permitted any user to cause a aliases file wrap,
+	thus exposing the system to a race where the aliases file
+	did not exist.
+	(patch included).</a>
 </ul>
 
 <p>
@@ -485,7 +490,7 @@
 <a href=index.html><img height=24 width=24 src=back.gif border=0 alt=OpenBSD></a>
 <a href=mailto:www@openbsd.org>www@openbsd.org</a>
 <br>
-<small>$OpenBSD: security.html,v 1.120 1999/12/03 00:34:26 deraadt Exp $</small>
+<small>$OpenBSD: security.html,v 1.121 1999/12/04 19:59:19 deraadt Exp $</small>
 
 </body>
 </html>