New/modified release notes: Only two security profiles instead of three,

all inetd.conf services disabled by default but now editable in sysinstall(8). Deleted an item about disabling selected services in inetd.conf, since it was superceded by the above. While I'm here, rename the "Security Fixes" section to "Security-Related Changes".
2001-08-15 17:05:07 +00:00 · 2001-08-15 17:05:07 +00:00 · 99fe508b9d
commit 99fe508b9d
parent c70f4417dc
2 changed files with 16 additions and 12 deletions
--- a/release/doc/en_US.ISO8859-1/relnotes/article.sgml
+++ b/release/doc/en_US.ISO8859-1/relnotes/article.sgml
@ -807,9 +807,9 @@
    </sect3>
  </sect2>
  <sect2 id="security">
-    <title>Security Fixes</title>
+    <title>Security-Related Changes</title>

-    <para>&man.sysinstall.8; now allows the user to select one of three
+    <para>&man.sysinstall.8; now allows the user to select one of two
    <quote>security profiles</quote> at install-time.  These profiles enable
    different levels of system security by enabling or disabling
    various system services in &man.rc.conf.5; on new
@ -822,10 +822,6 @@
    <para>A security hole in Linux emulation was fixed (see security
    advisory FreeBSD-SA-00:42). &merged;</para>

-    <para>&man.rlogind.8;, &man.rshd.8;, and &man.fingerd.8; are now
-    disabled by default in <filename>/etc/inetd.conf</filename>.  This
-    only affects new installations. &merged;</para>
-
    <para>String-handling library calls in many programs were fixed to
    reduce the possibility of buffer overflow-related exploits.
    &merged;</para>
@ -979,6 +975,12 @@
    variables limit the amount of memory that can be consumed by IPv4
    and IPv6 packet fragments, which defends against some denial of service
    attacks (see security advisory FreeBSD-SA-01:52). &merged;</para>
+
+    <para>All services in <filename>inetd.conf</filename> are now
+    disabled by default for new installations.  &man.sysinstall.8;
+    gives the option of enabling or disabling &man.inetd.8; on new
+    installations, as well as editing
+    <filename>inetd.conf</filename>. &merged;</para>
  </sect2>
  <sect2 id="userland">
    <title>Userland Changes</title>
--- a/release/doc/en_US.ISO8859-1/relnotes/common/new.sgml
+++ b/release/doc/en_US.ISO8859-1/relnotes/common/new.sgml
@ -807,9 +807,9 @@
    </sect3>
  </sect2>
  <sect2 id="security">
-    <title>Security Fixes</title>
+    <title>Security-Related Changes</title>

-    <para>&man.sysinstall.8; now allows the user to select one of three
+    <para>&man.sysinstall.8; now allows the user to select one of two
    <quote>security profiles</quote> at install-time.  These profiles enable
    different levels of system security by enabling or disabling
    various system services in &man.rc.conf.5; on new
@ -822,10 +822,6 @@
    <para>A security hole in Linux emulation was fixed (see security
    advisory FreeBSD-SA-00:42). &merged;</para>

-    <para>&man.rlogind.8;, &man.rshd.8;, and &man.fingerd.8; are now
-    disabled by default in <filename>/etc/inetd.conf</filename>.  This
-    only affects new installations. &merged;</para>
-
    <para>String-handling library calls in many programs were fixed to
    reduce the possibility of buffer overflow-related exploits.
    &merged;</para>
@ -979,6 +975,12 @@
    variables limit the amount of memory that can be consumed by IPv4
    and IPv6 packet fragments, which defends against some denial of service
    attacks (see security advisory FreeBSD-SA-01:52). &merged;</para>
+
+    <para>All services in <filename>inetd.conf</filename> are now
+    disabled by default for new installations.  &man.sysinstall.8;
+    gives the option of enabling or disabling &man.inetd.8; on new
+    installations, as well as editing
+    <filename>inetd.conf</filename>. &merged;</para>
  </sect2>
  <sect2 id="userland">
    <title>Userland Changes</title>