For some reason, it looks like SA-06:{10,11,12,13} were not mentioned

in HEAD's release notes, even though the issues involved were applied (and fixed). Copy their descriptions from one of the RELENG_* branches (RELENG_5 in this case). SA-06:08 and SA-06:09 were not applicable to code on HEAD and thus not mentioned.
svn path=/head/; revision=158455
2024-10-22 16:29:38 +00:00 · 2006-05-11 19:17:17 +00:00 · 2006-05-11 19:17:17 +00:00 · 2098204d62 · 2020-12-20 02:59:44 +00:00
parent 6dc044b45b
commit 2098204d62
2 changed files with 48 additions and 0 deletions
--- a/release/doc/en_US.ISO8859-1/relnotes/article.sgml
+++ b/release/doc/en_US.ISO8859-1/relnotes/article.sgml
@ -151,6 +151,30 @@
      For more details see security advisory <ulink
      url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:07.pf.asc">FreeBSD-SA-06:07.pf</ulink>. &merged;</para>

+    <para>A logic bug in the NFS server code, which could cause a crash when
+      the server received a message with a zero-length payload, has been fixed.
+      For more details see security advisory <ulink
+      url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:10.nfs.asc">FreeBSD-SA-06:10.nfs</ulink>. &merged;</para>
+
+    <para>A programming error in the &man.fast.ipsec.4; implementation
+      results in the sequence number associated with a Security
+      Association not being updated, allowing packets to unconditionally
+      pass sequence number verification checks, has been fixed.
+      For more details see security advisory <ulink
+      url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:11.ipsec.asc">FreeBSD-SA-06:11.ipsec</ulink>. &merged;</para>
+
+    <para>A logic bug that could cause &man.opiepasswd.1; to allow an unprivileged
+      user to configure OPIE authentication for the root user under certain
+      circumstances, has been fixed.
+      For more details see security advisory <ulink
+      url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:12.opie.asc">FreeBSD-SA-06:12.opie</ulink>. &merged;</para>
+
+    <para>An asynchronous signal handling vulnerability in &man.sendmail.8;,
+      which could allow a remote attacker to execute arbitrary code with the
+      privileges of the user running sendmail, typically root, has been fixed.
+      For more details see security advisory <ulink
+      url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:13.sendmail.asc">FreeBSD-SA-06:13.sendmail</ulink>. &merged;</para>
+
    <para arch="i386,amd64">An information disclosure issue found in the
      &os; kernel running on 7th- and 8th-generation AMD processors
      has been fixed.  For more details see security advisory <ulink
--- a/release/doc/en_US.ISO8859-1/relnotes/common/new.sgml
+++ b/release/doc/en_US.ISO8859-1/relnotes/common/new.sgml
@ -151,6 +151,30 @@
      For more details see security advisory <ulink
      url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:07.pf.asc">FreeBSD-SA-06:07.pf</ulink>. &merged;</para>

+    <para>A logic bug in the NFS server code, which could cause a crash when
+      the server received a message with a zero-length payload, has been fixed.
+      For more details see security advisory <ulink
+      url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:10.nfs.asc">FreeBSD-SA-06:10.nfs</ulink>. &merged;</para>
+
+    <para>A programming error in the &man.fast.ipsec.4; implementation
+      results in the sequence number associated with a Security
+      Association not being updated, allowing packets to unconditionally
+      pass sequence number verification checks, has been fixed.
+      For more details see security advisory <ulink
+      url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:11.ipsec.asc">FreeBSD-SA-06:11.ipsec</ulink>. &merged;</para>
+
+    <para>A logic bug that could cause &man.opiepasswd.1; to allow an unprivileged
+      user to configure OPIE authentication for the root user under certain
+      circumstances, has been fixed.
+      For more details see security advisory <ulink
+      url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:12.opie.asc">FreeBSD-SA-06:12.opie</ulink>. &merged;</para>
+
+    <para>An asynchronous signal handling vulnerability in &man.sendmail.8;,
+      which could allow a remote attacker to execute arbitrary code with the
+      privileges of the user running sendmail, typically root, has been fixed.
+      For more details see security advisory <ulink
+      url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:13.sendmail.asc">FreeBSD-SA-06:13.sendmail</ulink>. &merged;</para>
+
    <para arch="i386,amd64">An information disclosure issue found in the
      &os; kernel running on 7th- and 8th-generation AMD processors
      has been fixed.  For more details see security advisory <ulink