summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorbmah <bmah@FreeBSD.org>2000-11-13 05:19:22 +0000
committerbmah <bmah@FreeBSD.org>2000-11-13 05:19:22 +0000
commit814fbde0112d9ab104a822758fc2a37e5e046c59 (patch)
tree32977fd33a9cbef6cf5a9cb3d98b64440957554f
parent130199c7700bb58440bc0176a54643b97dc8c183 (diff)
downloadFreeBSD-src-814fbde0112d9ab104a822758fc2a37e5e046c59.zip
FreeBSD-src-814fbde0112d9ab104a822758fc2a37e5e046c59.tar.gz
Mention security advisories FreeBSD-SA-00:{42,61,62,63}. Note that
IP Filter is now supported by rc.conf(5). Minor grammar fix in sshd item.
-rw-r--r--release/texts/alpha/RELNOTES.TXT18
-rw-r--r--release/texts/i386/RELNOTES.TXT18
2 files changed, 34 insertions, 2 deletions
diff --git a/release/texts/alpha/RELNOTES.TXT b/release/texts/alpha/RELNOTES.TXT
index b99bb6b..036bf21 100644
--- a/release/texts/alpha/RELNOTES.TXT
+++ b/release/texts/alpha/RELNOTES.TXT
@@ -189,6 +189,9 @@ profiles" at install-time. These profiles enable different levels of
system security by enabling or disabling various system services in
rc.conf(5) on new installs. [MERGED]
+A security hole in Linux emulation was fixed (see security advisory
+FreeBSD-SA-00:42). [MERGED]
+
rlogind(8), rshd(8), and fingerd(8) are now disabled by default in
/etc/inetd.conf. This only affects new installations. [MERGED]
@@ -198,6 +201,16 @@ the possibility of buffer overflow-related exploits. [MERGED]
TCP now uses stronger randomness in choosing its initial sequence
numbers (see security advisory FreeBSD-SA-00:52). [MERGED]
+Several buffer overflows in tcpdump(1) were corrected (see security
+advisory FreeBSD-SA-00:61). [MERGED]
+
+A security hole in top(1) was corrected (see security advisory
+FreeBSD-SA-00:62). [MERGED]
+
+A potential security hole caused by an off-by-one-error in
+gethostbyname(3) has been fixed (see security advisory
+FreeBSD-SA-00:63). [MERGED]
+
1.3. USERLAND CHANGES
---------------------
@@ -314,7 +327,7 @@ OpenSSL implementation of the RSA algorithm is now activated by
default, and the rsaref port and librsaUSA are no longer
required for USA residents. [MERGED]
-sshd now enabled by default on new installs. [MERGED]
+sshd is now enabled by default on new installs. [MERGED]
perl has been updated to version 5.6.0.
@@ -395,6 +408,9 @@ chflags(1) has moved from /usr/bin to /bin.
Use of the CSMG_* macros no longer require inclusion of <sys/param.h>.
+IP Filter is now supported by the rc.conf(5) boot-time configuration
+and initialization. [MERGED]
+
2. Supported Configurations
---------------------------
diff --git a/release/texts/i386/RELNOTES.TXT b/release/texts/i386/RELNOTES.TXT
index 4824b4a..58a41a8 100644
--- a/release/texts/i386/RELNOTES.TXT
+++ b/release/texts/i386/RELNOTES.TXT
@@ -242,6 +242,9 @@ profiles" at install-time. These profiles enable different levels of
system security by enabling or disabling various system services in
rc.conf(5) on new installs. [MERGED]
+A security hole in Linux emulation was fixed (see security advisory
+FreeBSD-SA-00:42). [MERGED]
+
rlogind(8), rshd(8), and fingerd(8) are now disabled by default in
/etc/inetd.conf. This only affects new installations. [MERGED]
@@ -251,6 +254,16 @@ possibility of buffer overflow-related exploits. [MERGED]
TCP now uses stronger randomness in choosing its initial sequence
numbers (see security advisory FreeBSD-SA-00:52). [MERGED]
+Several buffer overflows in tcpdump(1) were corrected (see security
+advisory FreeBSD-SA-00:61). [MERGED]
+
+A security hole in top(1) was corrected (see security advisory
+FreeBSD-SA-00:62). [MERGED]
+
+A potential security hole caused by an off-by-one-error in
+gethostbyname(3) has been fixed (see security advisory
+FreeBSD-SA-00:63). [MERGED]
+
1.3. USERLAND CHANGES
---------------------
@@ -386,7 +399,7 @@ OpenSSL implementation of the RSA algorithm is now activated by
default, and the rsaref port and librsaUSA are no longer
required for USA residents. [MERGED]
-sshd now enabled by default on new installs. [MERGED]
+sshd is now enabled by default on new installs. [MERGED]
perl has been updated to version 5.6.0.
@@ -467,6 +480,9 @@ chflags(1) has moved from /usr/bin to /bin.
Use of the CSMG_* macros no longer require inclusion of <sys/param.h>.
+IP Filter is now supported by the rc.conf(5) boot-time configuration
+and initialization. [MERGED]
+
2. Supported Configurations
---------------------------
OpenPOWER on IntegriCloud