===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/security.html,v
retrieving revision 1.135
retrieving revision 1.136
diff -u -r1.135 -r1.136
--- www/security.html 2000/06/28 18:10:02 1.135
+++ www/security.html 2000/07/05 22:40:38 1.136
@@ -190,6 +190,16 @@
+- July 5, 2000:
+ Just like pretty much all the other unix ftp daemons
+ on the planet, ftpd had a remote root hole in it.
+ Luckily, ftpd was not enabled by default.
+ The problem exists if anonymous ftp is enabled, or if a
+ hostile user has a valid login.
+ (patch included)
+
- July 5, 2000:
+ Mopd, very rarely used, contained some buffer overflows.
+ (patch included)
- June 28, 2000:
libedit would check for a .editrc file in the current
directory. Not known to be a real security issue, but a patch
@@ -549,7 +559,7 @@
www@openbsd.org
-$OpenBSD: security.html,v 1.135 2000/06/28 18:10:02 deraadt Exp $
+$OpenBSD: security.html,v 1.136 2000/07/05 22:40:38 deraadt Exp $