diff options
Diffstat (limited to 'release/doc')
| -rw-r--r-- | release/doc/en_US.ISO8859-1/relnotes/article.sgml | 9 | ||||
| -rw-r--r-- | release/doc/en_US.ISO8859-1/relnotes/common/new.sgml | 9 |
2 files changed, 18 insertions, 0 deletions
diff --git a/release/doc/en_US.ISO8859-1/relnotes/article.sgml b/release/doc/en_US.ISO8859-1/relnotes/article.sgml index bcc955022c34..6b3d208f32dc 100644 --- a/release/doc/en_US.ISO8859-1/relnotes/article.sgml +++ b/release/doc/en_US.ISO8859-1/relnotes/article.sgml @@ -1602,6 +1602,15 @@ options HZ=1000 # not compulsory but strongly recommended</programlisting> given up superuser privileges to regain them. This bug has been fixed. (See security advisory FreeBSD-SA-02:07.) &merged;</para> + + <para>An <quote>off-by-one</quote> bug has been fixed in + <application>OpenSSH</application>'s multiplexing code. This bug + could have allowed a connecting SSH client to execute arbitrary + code with the privileges of the client user. (See security + advisory <ulink + url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:13.openssh.asc">FreeBSD-SA-02:13</ulink>.) + &merged;</para> + </sect2> <sect2 id="userland"> <title>Userland Changes</title> diff --git a/release/doc/en_US.ISO8859-1/relnotes/common/new.sgml b/release/doc/en_US.ISO8859-1/relnotes/common/new.sgml index bcc955022c34..6b3d208f32dc 100644 --- a/release/doc/en_US.ISO8859-1/relnotes/common/new.sgml +++ b/release/doc/en_US.ISO8859-1/relnotes/common/new.sgml @@ -1602,6 +1602,15 @@ options HZ=1000 # not compulsory but strongly recommended</programlisting> given up superuser privileges to regain them. This bug has been fixed. (See security advisory FreeBSD-SA-02:07.) &merged;</para> + + <para>An <quote>off-by-one</quote> bug has been fixed in + <application>OpenSSH</application>'s multiplexing code. This bug + could have allowed a connecting SSH client to execute arbitrary + code with the privileges of the client user. (See security + advisory <ulink + url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:13.openssh.asc">FreeBSD-SA-02:13</ulink>.) + &merged;</para> + </sect2> <sect2 id="userland"> <title>Userland Changes</title> |