diff options
author | bmah <bmah@FreeBSD.org> | 2003-03-31 17:38:18 +0000 |
---|---|---|
committer | bmah <bmah@FreeBSD.org> | 2003-03-31 17:38:18 +0000 |
commit | 0047376e21319f85802ae38cb964fa7f78294a7c (patch) | |
tree | 2f88a4351fcbaa128d5683f38e2cccf07ca5cae4 /release/doc/en_US.ISO8859-1/errata | |
parent | c112976199e969a415cf93f04cfdb60e1c8c2947 (diff) | |
download | FreeBSD-src-0047376e21319f85802ae38cb964fa7f78294a7c.zip FreeBSD-src-0047376e21319f85802ae38cb964fa7f78294a7c.tar.gz |
New release notes/errata: SA-03:07.
Submitted by: gshapiro
Diffstat (limited to 'release/doc/en_US.ISO8859-1/errata')
-rw-r--r-- | release/doc/en_US.ISO8859-1/errata/article.sgml | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/release/doc/en_US.ISO8859-1/errata/article.sgml b/release/doc/en_US.ISO8859-1/errata/article.sgml index 4901d6e..f31d9aa 100644 --- a/release/doc/en_US.ISO8859-1/errata/article.sgml +++ b/release/doc/en_US.ISO8859-1/errata/article.sgml @@ -133,13 +133,15 @@ given in security advisory <ulink url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:03.syncookies.asc">FreeBSD-SA-03:03</ulink>.</para> - <para>Due to a buffer overflow in header parsing in <application>sendmail</application>, a remote + <para>Due to buffer overflows in header parsing in <application>sendmail</application>, a remote attacker can create a specially-crafted message that may cause &man.sendmail.8; to execute arbitrary code with the privileges of the user running it, typically <username>root</username>. More information, including pointers - to patches, can be found in security advisory <ulink - url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:04.sendmail.asc">FreeBSD-SA-03:04</ulink>.</para> + to patches, can be found in security advisories <ulink + url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:04.sendmail.asc">FreeBSD-SA-03:04</ulink> + and <ulink + url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:07.sendmail.asc">FreeBSD-SA-03:07</ulink>.</para> <para>The XDR encoder/decoder does incorrect bounds-checking, which could allow a remote attacker to cause a |