| article.xml (111835) | article.xml (112435) |
|---|---|
| 1<!-- 2 FreeBSD errata document. Unlike some of the other RELNOTESng 3 files, this file should remain as a single SGML file, so that 4 the dollar FreeBSD dollar header has a meaningful modification 5 time. This file is all but useless without a datestamp on it, 6 so we'll take some extra care to make sure it has one. 7 8 (If we didn't do this, then the file with the datestamp might --- 22 unchanged lines hidden (view full) --- 31 &release.current; 32]]> 33 Errata</title> 34 35 <corpauthor> 36 The &os; Project 37 </corpauthor> 38 | 1<!-- 2 FreeBSD errata document. Unlike some of the other RELNOTESng 3 files, this file should remain as a single SGML file, so that 4 the dollar FreeBSD dollar header has a meaningful modification 5 time. This file is all but useless without a datestamp on it, 6 so we'll take some extra care to make sure it has one. 7 8 (If we didn't do this, then the file with the datestamp might --- 22 unchanged lines hidden (view full) --- 31 &release.current; 32]]> 33 Errata</title> 34 35 <corpauthor> 36 The &os; Project 37 </corpauthor> 38 |
| 39 <pubdate>$FreeBSD: head/release/doc/en_US.ISO8859-1/errata/article.sgml 111835 2003-03-03 18:23:57Z bmah $</pubdate> | 39 <pubdate>$FreeBSD: head/release/doc/en_US.ISO8859-1/errata/article.sgml 112435 2003-03-20 18:57:30Z bmah $</pubdate> |
| 40 41 <copyright> 42 <year>2000</year> 43 <year>2001</year> 44 <year>2002</year> 45 <year>2003</year> 46 <holder role="mailto:doc@FreeBSD.org">The FreeBSD Documentation Project</holder> 47 </copyright> --- 88 unchanged lines hidden (view full) --- 136 <para>Due to a buffer overflow in header parsing in <application>sendmail</application>, a remote 137 attacker can create a specially-crafted message that may cause 138 &man.sendmail.8; to execute arbitrary code 139 with the privileges of the user running it, typically 140 <username>root</username>. More information, including pointers 141 to patches, can be found in security advisory <ulink 142 url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:04.sendmail.asc">FreeBSD-SA-03:04</ulink>.</para> 143 | 40 41 <copyright> 42 <year>2000</year> 43 <year>2001</year> 44 <year>2002</year> 45 <year>2003</year> 46 <holder role="mailto:doc@FreeBSD.org">The FreeBSD Documentation Project</holder> 47 </copyright> --- 88 unchanged lines hidden (view full) --- 136 <para>Due to a buffer overflow in header parsing in <application>sendmail</application>, a remote 137 attacker can create a specially-crafted message that may cause 138 &man.sendmail.8; to execute arbitrary code 139 with the privileges of the user running it, typically 140 <username>root</username>. More information, including pointers 141 to patches, can be found in security advisory <ulink 142 url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:04.sendmail.asc">FreeBSD-SA-03:04</ulink>.</para> 143 |
| 144 <para>The XDR encoder/decoder does incorrect bounds-checking, 145 which could allow a remote attacker to cause a 146 denial-of-service. For bugfix information, see security 147 advisory <ulink 148 url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:05.xdr.asc">FreeBSD-SA-03:05</ulink>.</para> 149 |
|
| 144 </sect1> 145 146 <sect1 id="late-news"> 147 <title>Late-Breaking News</title> 148 149 <bridgehead renderas="sect3">GEOM</bridgehead> 150 151 <para>The &man.geom.4;-based disk partitioning code in the kernel --- 170 unchanged lines hidden --- | 150 </sect1> 151 152 <sect1 id="late-news"> 153 <title>Late-Breaking News</title> 154 155 <bridgehead renderas="sect3">GEOM</bridgehead> 156 157 <para>The &man.geom.4;-based disk partitioning code in the kernel --- 170 unchanged lines hidden --- |