diff options
| author | bmah <bmah@FreeBSD.org> | 2002-01-05 06:07:17 +0000 |
|---|---|---|
| committer | bmah <bmah@FreeBSD.org> | 2002-01-05 06:07:17 +0000 |
| commit | b0bee8fb18a697d60d96e6e18fa94dc3ad26445a (patch) | |
| tree | 7ad544e5bb71ee88663702026f7d32277e799f5e /release | |
| parent | f565bf39a4e65e95cc2aa8f428140d1e8c613c5f (diff) | |
| download | FreeBSD-src-b0bee8fb18a697d60d96e6e18fa94dc3ad26445a.zip FreeBSD-src-b0bee8fb18a697d60d96e6e18fa94dc3ad26445a.tar.gz | |
New release notes: SA-02:01, SA-02:02.
Diffstat (limited to 'release')
| -rw-r--r-- | release/doc/en_US.ISO8859-1/relnotes/article.sgml | 10 | ||||
| -rw-r--r-- | release/doc/en_US.ISO8859-1/relnotes/common/new.sgml | 10 |
2 files changed, 20 insertions, 0 deletions
diff --git a/release/doc/en_US.ISO8859-1/relnotes/article.sgml b/release/doc/en_US.ISO8859-1/relnotes/article.sgml index 2d7f508..c690ff8 100644 --- a/release/doc/en_US.ISO8859-1/relnotes/article.sgml +++ b/release/doc/en_US.ISO8859-1/relnotes/article.sgml @@ -1430,6 +1430,16 @@ options HZ=1000 # not compulsory but strongly recommended</programlisting> closed. Note that the default value of this setting is <literal>UseLogin no</literal>. (See security advisory FreeBSD-SA-01:63.) &merged;</para> + + <para>The use of an insecure temporary directory by + &man.pkg.add.1; could permit a local attacker to modify the + contents of binary packages while they were being installed. + This hole has been closed. (See security advisory + FreeBSD-SA-02:01.) &merged;</para> + + <para>A race condition in &man.pw.8;, which could expose the + contents of <filename>/etc/master.passwd</filename>, has been + eliminated. (See security advisory FreeBSD-SA-02:02.) &merged;</para> </sect2> <sect2 id="userland"> <title>Userland Changes</title> diff --git a/release/doc/en_US.ISO8859-1/relnotes/common/new.sgml b/release/doc/en_US.ISO8859-1/relnotes/common/new.sgml index 2d7f508..c690ff8 100644 --- a/release/doc/en_US.ISO8859-1/relnotes/common/new.sgml +++ b/release/doc/en_US.ISO8859-1/relnotes/common/new.sgml @@ -1430,6 +1430,16 @@ options HZ=1000 # not compulsory but strongly recommended</programlisting> closed. Note that the default value of this setting is <literal>UseLogin no</literal>. (See security advisory FreeBSD-SA-01:63.) &merged;</para> + + <para>The use of an insecure temporary directory by + &man.pkg.add.1; could permit a local attacker to modify the + contents of binary packages while they were being installed. + This hole has been closed. (See security advisory + FreeBSD-SA-02:01.) &merged;</para> + + <para>A race condition in &man.pw.8;, which could expose the + contents of <filename>/etc/master.passwd</filename>, has been + eliminated. (See security advisory FreeBSD-SA-02:02.) &merged;</para> </sect2> <sect2 id="userland"> <title>Userland Changes</title> |
