On 2026/03/13 06:37, Justin Swartz wrote:
> OpenBSD 7.8 [PARTIAL LEAKAGE]
>
> The client blocks most variables which have not been explicitly
> exported, but potentially sensitive variables such as DISPLAY,
> XAUTHORITY and PRINTER are leaked without prior export.
ha, we've had that for a long time.
---------------------
Date: 2005/02/27 15:46:42
Author: otto
Branch: HEAD
Tag: OPENBSD_3_7_BASE
Log:
- only send exported vars (based on a diff from Solar Designer)
- fix some buffer overflows (also some Solar Designer input)
ok deraadt@ cloder@
Members:
authenc.c:1.6->1.7
commands.c:1.47->1.48
externs.h:1.13->1.14
telnet.c:1.18->1.19
---------------------
