[src/netbsd-3-0]: src/doc Tickets #1910 and #1921.

[jdc <jdc%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/e879f35d72aa
branches:  netbsd-3-0
changeset: 579479:e879f35d72aa
user:      jdc <jdc%NetBSD.org@localhost>
date:      Tue Apr 08 21:51:29 2008 +0000

description:
Tickets #1910 and #1921.

diffstat:

 doc/CHANGES-3.0.4 |  21 ++++++++++++++++++++-
 1 files changed, 20 insertions(+), 1 deletions(-)

diffs (32 lines):

diff -r 02c12bb5ac62 -r e879f35d72aa doc/CHANGES-3.0.4
--- a/doc/CHANGES-3.0.4 Tue Apr 08 21:48:26 2008 +0000
+++ b/doc/CHANGES-3.0.4 Tue Apr 08 21:51:29 2008 +0000
@@ -1,4 +1,4 @@
-#      $NetBSD: CHANGES-3.0.4,v 1.1.2.21 2008/03/26 19:03:46 bouyer Exp $
+#      $NetBSD: CHANGES-3.0.4,v 1.1.2.22 2008/04/08 21:51:29 jdc Exp $
 
 A complete list of changes from the NetBSD 3.0.3 release to the NetBSD 3.0.4
 release:
@@ -262,3 +262,22 @@
        Upgrade bzip2 to 1.0.5, fixing CVE-2008-1372 and CVE-2005-0953
        [adrianp, ticket #1917]
 
+sys/dev/ata/wd.c                               1.359
+
+       The Hitachi HDP725025GLA380 returns "aborted command" instead of
+       "id not found" when hitting the LBA48 bug, so also install the
+       LBA48 bug workaround on "aborted command" errors.
+       [bouyer, ticket #1910]
+
+src/crypto/dist/ssh/channels.c                 1.38
+src/crypto/dist/ssh/auth-options.c             1.8
+src/crypto/dist/ssh/auth-options.h             1.4
+src/crypto/dist/ssh/session.c                  1.46
+src/crypto/dist/ssh/sshd.8                     1.39
+
+       Fix X11 forwarding information disclosure vulnerability in
+       OpenSSH (CVE-2008-1483).
+       Add no-user-rc option which disables execution of ~/.ssh/rc
+       (backport from OpenSSH 4.9)
+       [adrianp, ticket #1921]
+