From 814fbde0112d9ab104a822758fc2a37e5e046c59 Mon Sep 17 00:00:00 2001 From: bmah Date: Mon, 13 Nov 2000 05:19:22 +0000 Subject: Mention security advisories FreeBSD-SA-00:{42,61,62,63}. Note that IP Filter is now supported by rc.conf(5). Minor grammar fix in sshd item. --- release/texts/alpha/RELNOTES.TXT | 18 +++++++++++++++++- release/texts/i386/RELNOTES.TXT | 18 +++++++++++++++++- 2 files changed, 34 insertions(+), 2 deletions(-) (limited to 'release') diff --git a/release/texts/alpha/RELNOTES.TXT b/release/texts/alpha/RELNOTES.TXT index b99bb6b..036bf21 100644 --- a/release/texts/alpha/RELNOTES.TXT +++ b/release/texts/alpha/RELNOTES.TXT @@ -189,6 +189,9 @@ profiles" at install-time. These profiles enable different levels of system security by enabling or disabling various system services in rc.conf(5) on new installs. [MERGED] +A security hole in Linux emulation was fixed (see security advisory +FreeBSD-SA-00:42). [MERGED] + rlogind(8), rshd(8), and fingerd(8) are now disabled by default in /etc/inetd.conf. This only affects new installations. [MERGED] @@ -198,6 +201,16 @@ the possibility of buffer overflow-related exploits. [MERGED] TCP now uses stronger randomness in choosing its initial sequence numbers (see security advisory FreeBSD-SA-00:52). [MERGED] +Several buffer overflows in tcpdump(1) were corrected (see security +advisory FreeBSD-SA-00:61). [MERGED] + +A security hole in top(1) was corrected (see security advisory +FreeBSD-SA-00:62). [MERGED] + +A potential security hole caused by an off-by-one-error in +gethostbyname(3) has been fixed (see security advisory +FreeBSD-SA-00:63). [MERGED] + 1.3. USERLAND CHANGES --------------------- @@ -314,7 +327,7 @@ OpenSSL implementation of the RSA algorithm is now activated by default, and the rsaref port and librsaUSA are no longer required for USA residents. [MERGED] -sshd now enabled by default on new installs. [MERGED] +sshd is now enabled by default on new installs. [MERGED] perl has been updated to version 5.6.0. @@ -395,6 +408,9 @@ chflags(1) has moved from /usr/bin to /bin. Use of the CSMG_* macros no longer require inclusion of . +IP Filter is now supported by the rc.conf(5) boot-time configuration +and initialization. [MERGED] + 2. Supported Configurations --------------------------- diff --git a/release/texts/i386/RELNOTES.TXT b/release/texts/i386/RELNOTES.TXT index 4824b4a..58a41a8 100644 --- a/release/texts/i386/RELNOTES.TXT +++ b/release/texts/i386/RELNOTES.TXT @@ -242,6 +242,9 @@ profiles" at install-time. These profiles enable different levels of system security by enabling or disabling various system services in rc.conf(5) on new installs. [MERGED] +A security hole in Linux emulation was fixed (see security advisory +FreeBSD-SA-00:42). [MERGED] + rlogind(8), rshd(8), and fingerd(8) are now disabled by default in /etc/inetd.conf. This only affects new installations. [MERGED] @@ -251,6 +254,16 @@ possibility of buffer overflow-related exploits. [MERGED] TCP now uses stronger randomness in choosing its initial sequence numbers (see security advisory FreeBSD-SA-00:52). [MERGED] +Several buffer overflows in tcpdump(1) were corrected (see security +advisory FreeBSD-SA-00:61). [MERGED] + +A security hole in top(1) was corrected (see security advisory +FreeBSD-SA-00:62). [MERGED] + +A potential security hole caused by an off-by-one-error in +gethostbyname(3) has been fixed (see security advisory +FreeBSD-SA-00:63). [MERGED] + 1.3. USERLAND CHANGES --------------------- @@ -386,7 +399,7 @@ OpenSSL implementation of the RSA algorithm is now activated by default, and the rsaref port and librsaUSA are no longer required for USA residents. [MERGED] -sshd now enabled by default on new installs. [MERGED] +sshd is now enabled by default on new installs. [MERGED] perl has been updated to version 5.6.0. @@ -467,6 +480,9 @@ chflags(1) has moved from /usr/bin to /bin. Use of the CSMG_* macros no longer require inclusion of . +IP Filter is now supported by the rc.conf(5) boot-time configuration +and initialization. [MERGED] + 2. Supported Configurations --------------------------- -- cgit v1.1