Modified release note: Rewrite CVS update note to reflect reality

Submitted by: nectar
author: bmah <bmah@FreeBSD.org> 2004-01-27 00:50:21 +0000
committer: bmah <bmah@FreeBSD.org> 2004-01-27 00:50:21 +0000
commit: def0705074b6fa5839b347d07cc2d7f6cef85390 (patch)
tree: 7d57a49392db2f0db0c5b1d7944604efc9dea1c8 /release
parent: 3014162ffaeb59f08f7f69d47a6861c3dfe641c6 (diff)
download: FreeBSD-src-def0705074b6fa5839b347d07cc2d7f6cef85390.zip
FreeBSD-src-def0705074b6fa5839b347d07cc2d7f6cef85390.tar.gz
2 files changed, 12 insertions, 12 deletions
diff --git a/release/doc/en_US.ISO8859-1/relnotes/article.sgml b/release/doc/en_US.ISO8859-1/relnotes/article.sgml
index face1a3..7e5020b 100644
--- a/release/doc/en_US.ISO8859-1/relnotes/article.sgml
+++ b/release/doc/en_US.ISO8859-1/relnotes/article.sgml
@@ -290,12 +290,12 @@
     <para>The <application>ACPI-CA</application> code has been updated
       from the 20030619 snapshot to the 20031203 snapshot.</para>
 
-    <para>Two security fixes for <application>CVS</application> (one
-      related to pserver operation and the other dealing with
-      malformed module requests) have been backported from later
-      versions.  One side effect of this update is that running
-      pserver as <username>root</username> (a configuration that was
-      already unsupported and insecure) no longer works.</para>
+    <para>Security improvements from <application>CVS</application>
+      1.11.10 and 1.11.11 have been backported.  Specifically, certain
+      malformed module requests are now rejected, and when using
+      <command>cvs pserver</command> mode, attempts to authenticate as
+      <username>root</username> are rejected and recorded via
+      &man.syslog.3;.</para>
 
     <para><application>OpenSSH</application> has been updated from
       3.6.1p1 to 3.7.1p2.</para>
diff --git a/release/doc/en_US.ISO8859-1/relnotes/common/new.sgml b/release/doc/en_US.ISO8859-1/relnotes/common/new.sgml
index face1a3..7e5020b 100644
--- a/release/doc/en_US.ISO8859-1/relnotes/common/new.sgml
+++ b/release/doc/en_US.ISO8859-1/relnotes/common/new.sgml
@@ -290,12 +290,12 @@
     <para>The <application>ACPI-CA</application> code has been updated
       from the 20030619 snapshot to the 20031203 snapshot.</para>
 
-    <para>Two security fixes for <application>CVS</application> (one
-      related to pserver operation and the other dealing with
-      malformed module requests) have been backported from later
-      versions.  One side effect of this update is that running
-      pserver as <username>root</username> (a configuration that was
-      already unsupported and insecure) no longer works.</para>
+    <para>Security improvements from <application>CVS</application>
+      1.11.10 and 1.11.11 have been backported.  Specifically, certain
+      malformed module requests are now rejected, and when using
+      <command>cvs pserver</command> mode, attempts to authenticate as
+      <username>root</username> are rejected and recorded via
+      &man.syslog.3;.</para>
 
     <para><application>OpenSSH</application> has been updated from
       3.6.1p1 to 3.7.1p2.</para>
author	bmah <bmah@FreeBSD.org>	2004-01-27 00:50:21 +0000
committer	bmah <bmah@FreeBSD.org>	2004-01-27 00:50:21 +0000
commit	def0705074b6fa5839b347d07cc2d7f6cef85390 (patch)
tree	7d57a49392db2f0db0c5b1d7944604efc9dea1c8 /release
parent	3014162ffaeb59f08f7f69d47a6861c3dfe641c6 (diff)
download	FreeBSD-src-def0705074b6fa5839b347d07cc2d7f6cef85390.zip FreeBSD-src-def0705074b6fa5839b347d07cc2d7f6cef85390.tar.gz