Fix SA-02:13 release note item (missing text).

Reviewed by: nectar
svn path=/head/; revision=91920
2024-12-17 10:26:15 +00:00 · 2002-03-09 01:12:03 +00:00 · 2002-03-09 01:12:03 +00:00 · 00148928a5 · 2020-12-20 02:59:44 +00:00
commit 00148928a5
parent c3a919a128
2 changed files with 6 additions and 2 deletions
--- a/release/doc/en_US.ISO8859-1/relnotes/article.sgml
+++ b/release/doc/en_US.ISO8859-1/relnotes/article.sgml
@ -1616,7 +1616,9 @@ options HZ=1000 # not compulsory but strongly recommended</programlisting>

    <para>An <quote>off-by-one</quote> bug has been fixed in
      <application>OpenSSH</application>'s multiplexing code.  This bug
-      could have allowed a connecting SSH client to execute arbitrary
+      could have allowed an authenticated remote user to cause
+      &man.sshd.8; to execute arbitrary code with superuser
+      privileges, or allowed a connecting SSH client to execute arbitrary
      code with the privileges of the client user.  (See security
      advisory <ulink
        url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:13.openssh.asc">FreeBSD-SA-02:13</ulink>.)
--- a/release/doc/en_US.ISO8859-1/relnotes/common/new.sgml
+++ b/release/doc/en_US.ISO8859-1/relnotes/common/new.sgml
@ -1616,7 +1616,9 @@ options HZ=1000 # not compulsory but strongly recommended</programlisting>

    <para>An <quote>off-by-one</quote> bug has been fixed in
      <application>OpenSSH</application>'s multiplexing code.  This bug
-      could have allowed a connecting SSH client to execute arbitrary
+      could have allowed an authenticated remote user to cause
+      &man.sshd.8; to execute arbitrary code with superuser
+      privileges, or allowed a connecting SSH client to execute arbitrary
      code with the privileges of the client user.  (See security
      advisory <ulink
        url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:13.openssh.asc">FreeBSD-SA-02:13</ulink>.)