diff options
author | bmah <bmah@FreeBSD.org> | 2001-12-04 17:27:32 +0000 |
---|---|---|
committer | bmah <bmah@FreeBSD.org> | 2001-12-04 17:27:32 +0000 |
commit | 33aa47d82708b9241299cc39ae8948dd770659e5 (patch) | |
tree | 93130dc625fd9d4b319b4a27888f46a41e82cf59 /release | |
parent | 4ad5ac9832d4055bfe7d6f43810d22db1486a6a5 (diff) | |
download | FreeBSD-src-33aa47d82708b9241299cc39ae8948dd770659e5.zip FreeBSD-src-33aa47d82708b9241299cc39ae8948dd770659e5.tar.gz |
Reword "OpenSSH UseLogin yes" item, with cross-reference to
security advisory.
Diffstat (limited to 'release')
-rw-r--r-- | release/doc/en_US.ISO8859-1/relnotes/article.sgml | 8 | ||||
-rw-r--r-- | release/doc/en_US.ISO8859-1/relnotes/common/new.sgml | 8 |
2 files changed, 10 insertions, 6 deletions
diff --git a/release/doc/en_US.ISO8859-1/relnotes/article.sgml b/release/doc/en_US.ISO8859-1/relnotes/article.sgml index 6aeb2d5..ee0823a 100644 --- a/release/doc/en_US.ISO8859-1/relnotes/article.sgml +++ b/release/doc/en_US.ISO8859-1/relnotes/article.sgml @@ -1335,9 +1335,11 @@ &man.semop.2; system call has been closed. &merged;</para> <para>A security hole in <application>OpenSSH</application>, - involving the <literal>UseLogin yes</literal> setting, has been - closed (note that the default for this setting is - <literal>UseLogin no</literal>). &merged;</para> + which could allow users to execute code with arbitrary privileges + if <literal>UseLogin yes</literal> was set, has been + closed. Note that the default value of this setting is + <literal>UseLogin no</literal>. (See security advisory + FreeBSD-SA-01:63.) &merged;</para> </sect2> <sect2 id="userland"> <title>Userland Changes</title> diff --git a/release/doc/en_US.ISO8859-1/relnotes/common/new.sgml b/release/doc/en_US.ISO8859-1/relnotes/common/new.sgml index 6aeb2d5..ee0823a 100644 --- a/release/doc/en_US.ISO8859-1/relnotes/common/new.sgml +++ b/release/doc/en_US.ISO8859-1/relnotes/common/new.sgml @@ -1335,9 +1335,11 @@ &man.semop.2; system call has been closed. &merged;</para> <para>A security hole in <application>OpenSSH</application>, - involving the <literal>UseLogin yes</literal> setting, has been - closed (note that the default for this setting is - <literal>UseLogin no</literal>). &merged;</para> + which could allow users to execute code with arbitrary privileges + if <literal>UseLogin yes</literal> was set, has been + closed. Note that the default value of this setting is + <literal>UseLogin no</literal>. (See security advisory + FreeBSD-SA-01:63.) &merged;</para> </sect2> <sect2 id="userland"> <title>Userland Changes</title> |