[src/netbsd-3-0]: src/doc Ticket #1486

[jdc <jdc%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/5c43f3cb774f
branches:  netbsd-3-0
changeset: 579285:5c43f3cb774f
user:      jdc <jdc%NetBSD.org@localhost>
date:      Tue Aug 29 08:46:06 2006 +0000

description:
Ticket #1486

diffstat:

 doc/CHANGES-3.0.2 |  10 +++++++++-
 1 files changed, 9 insertions(+), 1 deletions(-)

diffs (21 lines):

diff -r bdd8be8ff155 -r 5c43f3cb774f doc/CHANGES-3.0.2
--- a/doc/CHANGES-3.0.2 Sat Aug 26 14:41:05 2006 +0000
+++ b/doc/CHANGES-3.0.2 Tue Aug 29 08:46:06 2006 +0000
@@ -1,4 +1,4 @@
-#      $NetBSD: CHANGES-3.0.2,v 1.1.2.14 2006/08/26 14:41:05 ghen Exp $
+#      $NetBSD: CHANGES-3.0.2,v 1.1.2.15 2006/08/29 08:46:06 jdc Exp $
 
 A complete list of changes from the NetBSD 3.0.1 release to the NetBSD 3.0.2
 release:
@@ -117,3 +117,11 @@
        Add option SOSEND_NO_LOAN to fix a panic on cobalt.
        [tsutsui, ticket #1478]
 
+xsrc/xfree/xc/lib/font/bitmap/pcfread.c                1.2
+
+       Fix for CVE-2006-3467 via the X.Org foundation.
+       "Integer overflow in FreeType before 2.2 allows remote attackers to
+       cause a denial of service (crash) and possibly execute arbitrary code
+       via unknown vectors."
+       [adrianp, ticket #1486]
+