article.xml (111706) | article.xml (111834) |
---|---|
1<!-- 2 FreeBSD errata document. Unlike some of the other RELNOTESng 3 files, this file should remain as a single SGML file, so that 4 the dollar FreeBSD dollar header has a meaningful modification 5 time. This file is all but useless without a datestamp on it, 6 so we'll take some extra care to make sure it has one. 7 8 (If we didn't do this, then the file with the datestamp might --- 22 unchanged lines hidden (view full) --- 31 &release.current; 32]]> 33 Errata</title> 34 35 <corpauthor> 36 The &os; Project 37 </corpauthor> 38 | 1<!-- 2 FreeBSD errata document. Unlike some of the other RELNOTESng 3 files, this file should remain as a single SGML file, so that 4 the dollar FreeBSD dollar header has a meaningful modification 5 time. This file is all but useless without a datestamp on it, 6 so we'll take some extra care to make sure it has one. 7 8 (If we didn't do this, then the file with the datestamp might --- 22 unchanged lines hidden (view full) --- 31 &release.current; 32]]> 33 Errata</title> 34 35 <corpauthor> 36 The &os; Project 37 </corpauthor> 38 |
39 <pubdate>$FreeBSD: head/release/doc/en_US.ISO8859-1/errata/article.sgml 111706 2003-03-01 16:58:53Z bmah $</pubdate> | 39 <pubdate>$FreeBSD: head/release/doc/en_US.ISO8859-1/errata/article.sgml 111834 2003-03-03 18:20:00Z bmah $</pubdate> |
40 41 <copyright> 42 <year>2000</year> 43 <year>2001</year> 44 <year>2002</year> 45 <year>2003</year> 46 <holder role="mailto:doc@FreeBSD.org">The FreeBSD Documentation Project</holder> 47 </copyright> --- 80 unchanged lines hidden (view full) --- 128 129 <para>It may be possible to recover the shared secret key used by 130 the implementation of the <quote>syncookies</quote> feature. 131 This reduces its effectiveness in dealing with TCP SYN flood 132 denial-of-service attacks. Workaround information and fixes are 133 given in security advisory <ulink 134 url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:03.syncookies.asc">FreeBSD-SA-03:03</ulink>.</para> 135 | 40 41 <copyright> 42 <year>2000</year> 43 <year>2001</year> 44 <year>2002</year> 45 <year>2003</year> 46 <holder role="mailto:doc@FreeBSD.org">The FreeBSD Documentation Project</holder> 47 </copyright> --- 80 unchanged lines hidden (view full) --- 128 129 <para>It may be possible to recover the shared secret key used by 130 the implementation of the <quote>syncookies</quote> feature. 131 This reduces its effectiveness in dealing with TCP SYN flood 132 denial-of-service attacks. Workaround information and fixes are 133 given in security advisory <ulink 134 url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:03.syncookies.asc">FreeBSD-SA-03:03</ulink>.</para> 135 |
136 <para>Due to a buffer overflow in header parsing, a remote 137 attacker could create a specially crafted message that may cause 138 <application>sendmail</application> to execute arbitrary code 139 with the privileges of the user running sendmail, typically 140 <username>root</username>. More information, including pointers 141 to patches, can be found in security advisory <ulink 142 url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:04.sendmail.asc">FreeBSD-SA-03:04</ulink>.</para> 143 |
|
136 </sect1> 137 138 <sect1 id="late-news"> 139 <title>Late-Breaking News</title> 140 141 <bridgehead renderas="sect3">GEOM</bridgehead> 142 143 <para>The &man.geom.4;-based disk partitioning code in the kernel --- 170 unchanged lines hidden --- | 144 </sect1> 145 146 <sect1 id="late-news"> 147 <title>Late-Breaking News</title> 148 149 <bridgehead renderas="sect3">GEOM</bridgehead> 150 151 <para>The &man.geom.4;-based disk partitioning code in the kernel --- 170 unchanged lines hidden --- |