New release note: SA-02:13.
This commit is contained in:
parent
7b2187d186
commit
5bb3c6521b
@ -1602,6 +1602,15 @@ options HZ=1000 # not compulsory but strongly recommended</programlisting>
|
||||
given up superuser privileges to regain them. This bug has been
|
||||
fixed. (See security advisory FreeBSD-SA-02:07.)
|
||||
&merged;</para>
|
||||
|
||||
<para>An <quote>off-by-one</quote> bug has been fixed in
|
||||
<application>OpenSSH</application>'s multiplexing code. This bug
|
||||
could have allowed a connecting SSH client to execute arbitrary
|
||||
code with the privileges of the client user. (See security
|
||||
advisory <ulink
|
||||
url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:13.openssh.asc">FreeBSD-SA-02:13</ulink>.)
|
||||
&merged;</para>
|
||||
|
||||
</sect2>
|
||||
<sect2 id="userland">
|
||||
<title>Userland Changes</title>
|
||||
|
@ -1602,6 +1602,15 @@ options HZ=1000 # not compulsory but strongly recommended</programlisting>
|
||||
given up superuser privileges to regain them. This bug has been
|
||||
fixed. (See security advisory FreeBSD-SA-02:07.)
|
||||
&merged;</para>
|
||||
|
||||
<para>An <quote>off-by-one</quote> bug has been fixed in
|
||||
<application>OpenSSH</application>'s multiplexing code. This bug
|
||||
could have allowed a connecting SSH client to execute arbitrary
|
||||
code with the privileges of the client user. (See security
|
||||
advisory <ulink
|
||||
url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:13.openssh.asc">FreeBSD-SA-02:13</ulink>.)
|
||||
&merged;</para>
|
||||
|
||||
</sect2>
|
||||
<sect2 id="userland">
|
||||
<title>Userland Changes</title>
|
||||
|
Loading…
Reference in New Issue
Block a user