summaryrefslogtreecommitdiffstats
path: root/release
diff options
context:
space:
mode:
authorhrs <hrs@FreeBSD.org>2003-10-05 08:15:54 +0000
committerhrs <hrs@FreeBSD.org>2003-10-05 08:15:54 +0000
commit85a7ee1518e4384334474f80bafb2e57d509ad7e (patch)
tree3b0d7ade591522e13008d4e8623b55676ead4a00 /release
parent871953665f6e06df6ae8f3dd10f57318f4ba81b8 (diff)
downloadFreeBSD-src-85a7ee1518e4384334474f80bafb2e57d509ad7e.zip
FreeBSD-src-85a7ee1518e4384334474f80bafb2e57d509ad7e.tar.gz
New errata: SA-03:14, SA-03:17, SA-03:18.
Diffstat (limited to 'release')
-rw-r--r--release/doc/en_US.ISO8859-1/errata/article.sgml23
1 files changed, 23 insertions, 0 deletions
diff --git a/release/doc/en_US.ISO8859-1/errata/article.sgml b/release/doc/en_US.ISO8859-1/errata/article.sgml
index 17d2c48..356dd78 100644
--- a/release/doc/en_US.ISO8859-1/errata/article.sgml
+++ b/release/doc/en_US.ISO8859-1/errata/article.sgml
@@ -166,6 +166,29 @@
advisory
<ulink url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:13.sendmail.asc">FreeBSD-SA-03:13</ulink>.</para>
+ <para>The &os; ARP code contains a bug that could allow the kernel
+ to cause resource starvation which eventually results in a system panic.
+ This bug has been fixed on the &release.branch; development branch and the
+ &release.prev; security fix branch. More information can be
+ found in security advisory
+ <ulink url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:14.arp.asc">FreeBSD-SA-03:14</ulink>.</para>
+
+ <para>The implementation of the &man.procfs.5; and the &man.linprocfs.5;
+ contain a bug that could result in disclosing the contents of kernel memory.
+ This bug has been fixed on the &release.branch; development branch and the
+ &release.prev; security fix branch. More information can be
+ found in security advisory
+ <ulink url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:17.procfs.asc">FreeBSD-SA-03:17</ulink>.</para>
+
+ <para><application>OpenSSL</application> contains several bugs
+ which could allow a remote attacker to crash an
+ <application>OpenSSL</application>-using application or
+ to execute arbitrary code with the privileges of the application.
+ Note that only applications that use <application>OpenSSL</application>'s
+ ASN.1 or X.509 handling code are affected (<application>OpenSSH</application>
+ is unaffected, for example).
+ More information can be found in security advisory
+ <ulink url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:18.openssl.asc">FreeBSD-SA-03:18</ulink>.</para>
]]>
</sect1>
OpenPOWER on IntegriCloud