The pw_error(3) function was vulnerable to a format string attack.

Apply by doing:
	cd /usr/src
	patch -p0 < 025_pw_error.patch

And then rebuild and install libutil.
	cd lib/libutil
	make depend
	make
	make install

Index: lib/libutil/passwd.c
===================================================================
RCS file: /cvs/src/lib/libutil/passwd.c,v
retrieving revision 1.20
retrieving revision 1.21
diff -u -r1.20 -r1.21
--- lib/libutil/passwd.c	1998/11/16 07:10:32	1.20
+++ lib/libutil/passwd.c	2000/06/30 16:00:07	1.21
@@ -579,7 +579,7 @@
 	char   *master = pw_file(_PATH_MASTERPASSWD);
 
 	if (err)
-		warn(name);
+		warn("%s", name);
 	if (master)
 		warnx("%s: unchanged", master);
 	pw_abort();