svn commit: r229683 - stable/9/release/doc/en_US.ISO8859-1/relnotes
Hiroki Sato
hrs at FreeBSD.org
Fri Jan 6 05:03:23 UTC 2012
Author: hrs
Date: Fri Jan 6 05:03:22 2012
New Revision: 229683
URL: http://svn.freebsd.org/changeset/base/229683
Log:
- Update copyright year.
- Add SA-11:0[12456789] and -11:10.
- Update the upgrade section.
Modified:
stable/9/release/doc/en_US.ISO8859-1/relnotes/article.sgml
Modified: stable/9/release/doc/en_US.ISO8859-1/relnotes/article.sgml
==============================================================================
--- stable/9/release/doc/en_US.ISO8859-1/relnotes/article.sgml Fri Jan 6 02:28:21 2012 (r229682)
+++ stable/9/release/doc/en_US.ISO8859-1/relnotes/article.sgml Fri Jan 6 05:03:22 2012 (r229683)
@@ -20,17 +20,7 @@
<pubdate>$FreeBSD$</pubdate>
<copyright>
- <year>2000</year>
- <year>2001</year>
- <year>2002</year>
- <year>2003</year>
- <year>2004</year>
- <year>2005</year>
- <year>2006</year>
- <year>2007</year>
- <year>2008</year>
- <year>2009</year>
- <year>2010</year>
+ <year>2012</year>
<holder role="mailto:doc at FreeBSD.org">The &os; Documentation Project</holder>
</copyright>
@@ -132,9 +122,97 @@
<sect2 id="security">
<title>Security Advisories</title>
- <para></para>
-
- </sect2>
+ <para>Problems described in the following security advisories have
+ been fixed. For more information, consult the individual
+ advisories available from
+ <ulink url="http://security.FreeBSD.org/"></ulink>.</para>
+
+ <informaltable frame="none" pgwide="1">
+ <tgroup cols="3">
+ <colspec colwidth="1*">
+ <colspec colwidth="1*">
+ <colspec colwidth="3*">
+ <thead>
+ <row>
+ <entry>Advisory</entry>
+ <entry>Date</entry>
+ <entry>Topic</entry>
+ </row>
+ </thead>
+
+ <tbody>
+ <row>
+ <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-11:01.mountd.asc"
+ >SA-11:01.mountd</ulink></entry>
+ <entry>20 April 2011</entry>
+ <entry><para>Network ACL mishandling in &man.mountd.8;</para></entry>
+ </row>
+
+ <row>
+ <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-11:02.bind.asc"
+ >SA-11:02.bind</ulink></entry>
+ <entry>28 May 2011</entry>
+ <entry><para>BIND remote DoS with large RRSIG RRsets and negative
+ caching</para></entry>
+ </row>
+
+ <row>
+ <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-11:04.compress.asc"
+ >SA-11:04.compress</ulink></entry>
+ <entry>28 September 2011</entry>
+ <entry><para>Errors handling corrupt compress file in
+ &man.compress.1; and &man.gzip.1;</para></entry>
+ </row>
+
+ <row>
+ <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-11:05.unix.asc"
+ >SA-11:05.unix</ulink></entry>
+ <entry>28 September 2011</entry>
+ <entry><para>Buffer overflow in handling of UNIX socket
+ addresses</para></entry>
+ </row>
+
+ <row>
+ <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-11:06.bind.asc"
+ >SA-11:06.bind</ulink></entry>
+ <entry>23 December 2011</entry>
+ <entry><para>Remote packet Denial of Service against &man.named.8;
+ servers</para></entry>
+ </row>
+
+ <row>
+ <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-11:07.chroot.asc"
+ >SA-11:07.chroot</ulink></entry>
+ <entry>23 December 2011</entry>
+ <entry><para>Code execution via chrooted ftpd</para></entry>
+ </row>
+
+ <row>
+ <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-11:08.telnetd.asc"
+ >SA-11:08.telnetd</ulink></entry>
+ <entry>23 December 2011</entry>
+ <entry><para>telnetd code execution vulnerability</para></entry>
+ </row>
+
+ <row>
+ <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-11:09.pam_ssh.asc"
+ >SA-11:09.pam_ssh</ulink></entry>
+ <entry>23 December 2011</entry>
+ <entry><para>pam_ssh improperly grants access when user account has
+ unencrypted SSH private keys</para></entry>
+ </row>
+
+ <row>
+ <entry><ulink url="http://security.freebsd.org/advisories/FreeBSD-SA-11:10.pam.asc"
+ >SA-11:10.pam</ulink></entry>
+ <entry>23 December 2011</entry>
+ <entry><para><function>pam_start()</function> does not validate
+ service names</para></entry>
+ </row>
+ </tbody>
+ </tgroup>
+ </informaltable>
+ </sect2>
<sect2 id="kernel">
<title>Kernel Changes</title>
@@ -544,17 +622,11 @@
binary upgrades between RELEASE versions (and snapshots of the
various security branches) are supported using the
&man.freebsd-update.8; utility. The binary upgrade procedure will
- update unmodified userland utilities, as well as unmodified GENERIC or
- SMP kernels distributed as a part of an official &os; release.
+ update unmodified userland utilities, as well as a unmodified GENERIC kernel
+ distributed as a part of an official &os; release.
The &man.freebsd-update.8; utility requires that the host being
upgraded have Internet connectivity.</para>
- <para>An older form of binary upgrade is supported through the
- <command>Upgrade</command> option from the main &man.sysinstall.8;
- menu on CDROM distribution media. This type of binary upgrade
- may be useful on non-&arch.i386;, non-&arch.amd64; machines
- or on systems with no Internet connectivity.</para>
-
<para>Source-based upgrades (those based on recompiling the &os;
base system from source code) from previous versions are
supported, according to the instructions in
More information about the svn-src-stable-9
mailing list