New release note: SA-02:13.

This commit is contained in:
bmah 2002-03-07 16:53:21 +00:00
parent 7b2187d186
commit 5bb3c6521b
2 changed files with 18 additions and 0 deletions

View File

@ -1602,6 +1602,15 @@ options HZ=1000 # not compulsory but strongly recommended</programlisting>
given up superuser privileges to regain them. This bug has been
fixed. (See security advisory FreeBSD-SA-02:07.)
&merged;</para>
<para>An <quote>off-by-one</quote> bug has been fixed in
<application>OpenSSH</application>'s multiplexing code. This bug
could have allowed a connecting SSH client to execute arbitrary
code with the privileges of the client user. (See security
advisory <ulink
url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:13.openssh.asc">FreeBSD-SA-02:13</ulink>.)
&merged;</para>
</sect2>
<sect2 id="userland">
<title>Userland Changes</title>

View File

@ -1602,6 +1602,15 @@ options HZ=1000 # not compulsory but strongly recommended</programlisting>
given up superuser privileges to regain them. This bug has been
fixed. (See security advisory FreeBSD-SA-02:07.)
&merged;</para>
<para>An <quote>off-by-one</quote> bug has been fixed in
<application>OpenSSH</application>'s multiplexing code. This bug
could have allowed a connecting SSH client to execute arbitrary
code with the privileges of the client user. (See security
advisory <ulink
url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:13.openssh.asc">FreeBSD-SA-02:13</ulink>.)
&merged;</para>
</sect2>
<sect2 id="userland">
<title>Userland Changes</title>