[src/netbsd-1-4]: src A few more:

[he <he%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/c906efe17b86
branches:  netbsd-1-4
changeset: 470932:c906efe17b86
user:      he <he%NetBSD.org@localhost>
date:      Wed Oct 04 14:12:34 2000 +0000

description:
A few more:
 o close potential format string security holes in
   lpd, mopd, nls and passwd (in libutil)

diffstat:

 CHANGES-1.4.3 |  21 ++++++++++++++++++++-
 1 files changed, 20 insertions(+), 1 deletions(-)

diffs (32 lines):

diff -r 7e8a6b344146 -r c906efe17b86 CHANGES-1.4.3
--- a/CHANGES-1.4.3     Wed Oct 04 14:11:02 2000 +0000
+++ b/CHANGES-1.4.3     Wed Oct 04 14:12:34 2000 +0000
@@ -1,4 +1,4 @@
-#      $NetBSD: CHANGES-1.4.3,v 1.1.2.63 2000/09/26 15:25:01 he Exp $
+#      $NetBSD: CHANGES-1.4.3,v 1.1.2.64 2000/10/04 14:12:34 he Exp $
 
 A complete list of changes from NetBSD 1.4.2 to NetBSD 1.4.3:
 
@@ -1375,3 +1375,22 @@
 
   Make sure install notes are built before installing them under
   ``make release''.
+
+usr.sbin/lpr/lpd/printjob.c                    1.23-1.24
+
+  Fix potential syslog() format string hole.
+
+usr.sbin/mopd/mopd/process.c                   1.8-1.9
+
+  Close buffer overrun, format string problems.
+
+lib/libc/nls/catopen.c                         1.17-1.18
+lib/libc/locale/setlocale.c                    1.20-1.21
+
+  Ignore NLSPATH, PATH_LOCALE if issetuid().
+  Disallow `/' in LC_* and LANG environment variables.
+  Close one-byte buffer-overrun in catopen().
+
+lib/libutil/passwd.c                           1.25
+
+  Close possible format-string hole.