diff options
Diffstat (limited to 'release/doc')
-rw-r--r-- | release/doc/en_US.ISO8859-1/errata/article.sgml | 8 | ||||
-rw-r--r-- | release/doc/en_US.ISO8859-1/relnotes/article.sgml | 10 | ||||
-rw-r--r-- | release/doc/en_US.ISO8859-1/relnotes/common/new.sgml | 10 |
3 files changed, 17 insertions, 11 deletions
diff --git a/release/doc/en_US.ISO8859-1/errata/article.sgml b/release/doc/en_US.ISO8859-1/errata/article.sgml index 4901d6e..f31d9aa 100644 --- a/release/doc/en_US.ISO8859-1/errata/article.sgml +++ b/release/doc/en_US.ISO8859-1/errata/article.sgml @@ -133,13 +133,15 @@ given in security advisory <ulink url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:03.syncookies.asc">FreeBSD-SA-03:03</ulink>.</para> - <para>Due to a buffer overflow in header parsing in <application>sendmail</application>, a remote + <para>Due to buffer overflows in header parsing in <application>sendmail</application>, a remote attacker can create a specially-crafted message that may cause &man.sendmail.8; to execute arbitrary code with the privileges of the user running it, typically <username>root</username>. More information, including pointers - to patches, can be found in security advisory <ulink - url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:04.sendmail.asc">FreeBSD-SA-03:04</ulink>.</para> + to patches, can be found in security advisories <ulink + url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:04.sendmail.asc">FreeBSD-SA-03:04</ulink> + and <ulink + url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:07.sendmail.asc">FreeBSD-SA-03:07</ulink>.</para> <para>The XDR encoder/decoder does incorrect bounds-checking, which could allow a remote attacker to cause a diff --git a/release/doc/en_US.ISO8859-1/relnotes/article.sgml b/release/doc/en_US.ISO8859-1/relnotes/article.sgml index 2c00362..9b8aa4a 100644 --- a/release/doc/en_US.ISO8859-1/relnotes/article.sgml +++ b/release/doc/en_US.ISO8859-1/relnotes/article.sgml @@ -117,11 +117,13 @@ More details are given in security advisory <ulink url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:03.syncookies.asc">FreeBSD-SA-03:03</ulink>. &merged;</para> - <para>A remotely-exploitable buffer overflow vulnerability in - <application>sendmail</application> has been fixed by updating - <application>sendmail</application> to version 8.12.8. For more + <para>Remotely-exploitable buffer overflow vulnerabilities in + <application>sendmail</application> have been fixed by updating + <application>sendmail</application>. For more details, see security advisory <ulink - url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:04.sendmail.asc">FreeBSD-SA-03:04</ulink>. + url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:04.sendmail.asc">FreeBSD-SA-03:04</ulink> + and <ulink + url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:07.sendmail.asc">FreeBSD-SA-03:07</ulink>. &merged;</para> <para>A bounds-checking bug in the XDR implementation, which could diff --git a/release/doc/en_US.ISO8859-1/relnotes/common/new.sgml b/release/doc/en_US.ISO8859-1/relnotes/common/new.sgml index 2c00362..9b8aa4a 100644 --- a/release/doc/en_US.ISO8859-1/relnotes/common/new.sgml +++ b/release/doc/en_US.ISO8859-1/relnotes/common/new.sgml @@ -117,11 +117,13 @@ More details are given in security advisory <ulink url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:03.syncookies.asc">FreeBSD-SA-03:03</ulink>. &merged;</para> - <para>A remotely-exploitable buffer overflow vulnerability in - <application>sendmail</application> has been fixed by updating - <application>sendmail</application> to version 8.12.8. For more + <para>Remotely-exploitable buffer overflow vulnerabilities in + <application>sendmail</application> have been fixed by updating + <application>sendmail</application>. For more details, see security advisory <ulink - url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:04.sendmail.asc">FreeBSD-SA-03:04</ulink>. + url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:04.sendmail.asc">FreeBSD-SA-03:04</ulink> + and <ulink + url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:07.sendmail.asc">FreeBSD-SA-03:07</ulink>. &merged;</para> <para>A bounds-checking bug in the XDR implementation, which could |