New release note: Non-root-owned binaries in standard system paths

now have the schg flag set.

2 files changed, 12 insertions, 0 deletions

diff --git a/release/doc/en_US.ISO8859-1/relnotes/article.sgml b/release/doc/en_US.ISO8859-1/relnotes/article.sgml
index bd54346..b26f190 100644
--- a/release/doc/en_US.ISO8859-1/relnotes/article.sgml
+++ b/release/doc/en_US.ISO8859-1/relnotes/article.sgml
@@ -1067,6 +1067,12 @@ hw.pcic.irq="0"</programlisting>
     <para>A race condition in &man.rmuser.8; that briefly exposed a
     world-readable <filename>/etc/master.passwd</filename> has been
     fixed (see security advisory FreeBSD-SA-01:59). &merged;</para>
+
+    <para>All non-<username>root</username>-owned binaries in standard
+    system paths now have the <literal>schg</literal> flag set to
+    prevent exploit vectors when run by &man.cron.8;, by
+    <username>root</username>, or by a user other then the one owning
+    the binary.</para>
   </sect2>
   <sect2 id="userland">
     <title>Userland Changes</title>
diff --git a/release/doc/en_US.ISO8859-1/relnotes/common/new.sgml b/release/doc/en_US.ISO8859-1/relnotes/common/new.sgml
index bd54346..b26f190 100644
--- a/release/doc/en_US.ISO8859-1/relnotes/common/new.sgml
+++ b/release/doc/en_US.ISO8859-1/relnotes/common/new.sgml
@@ -1067,6 +1067,12 @@ hw.pcic.irq="0"</programlisting>
     <para>A race condition in &man.rmuser.8; that briefly exposed a
     world-readable <filename>/etc/master.passwd</filename> has been
     fixed (see security advisory FreeBSD-SA-01:59). &merged;</para>
+
+    <para>All non-<username>root</username>-owned binaries in standard
+    system paths now have the <literal>schg</literal> flag set to
+    prevent exploit vectors when run by &man.cron.8;, by
+    <username>root</username>, or by a user other then the one owning
+    the binary.</para>
   </sect2>
   <sect2 id="userland">
     <title>Userland Changes</title>