From 5bb3c6521b715c566f7f9778237a2cdeeab94b92 Mon Sep 17 00:00:00 2001 From: bmah Date: Thu, 7 Mar 2002 16:53:21 +0000 Subject: [PATCH] New release note: SA-02:13. --- release/doc/en_US.ISO8859-1/relnotes/article.sgml | 9 +++++++++ release/doc/en_US.ISO8859-1/relnotes/common/new.sgml | 9 +++++++++ 2 files changed, 18 insertions(+) diff --git a/release/doc/en_US.ISO8859-1/relnotes/article.sgml b/release/doc/en_US.ISO8859-1/relnotes/article.sgml index bcc955022c34..6b3d208f32dc 100644 --- a/release/doc/en_US.ISO8859-1/relnotes/article.sgml +++ b/release/doc/en_US.ISO8859-1/relnotes/article.sgml @@ -1602,6 +1602,15 @@ options HZ=1000 # not compulsory but strongly recommended given up superuser privileges to regain them. This bug has been fixed. (See security advisory FreeBSD-SA-02:07.) &merged; + + An off-by-one bug has been fixed in + OpenSSH's multiplexing code. This bug + could have allowed a connecting SSH client to execute arbitrary + code with the privileges of the client user. (See security + advisory FreeBSD-SA-02:13.) + &merged; + Userland Changes diff --git a/release/doc/en_US.ISO8859-1/relnotes/common/new.sgml b/release/doc/en_US.ISO8859-1/relnotes/common/new.sgml index bcc955022c34..6b3d208f32dc 100644 --- a/release/doc/en_US.ISO8859-1/relnotes/common/new.sgml +++ b/release/doc/en_US.ISO8859-1/relnotes/common/new.sgml @@ -1602,6 +1602,15 @@ options HZ=1000 # not compulsory but strongly recommended given up superuser privileges to regain them. This bug has been fixed. (See security advisory FreeBSD-SA-02:07.) &merged; + + An off-by-one bug has been fixed in + OpenSSH's multiplexing code. This bug + could have allowed a connecting SSH client to execute arbitrary + code with the privileges of the client user. (See security + advisory FreeBSD-SA-02:13.) + &merged; + Userland Changes