From d4bb704d955cd2a692f810d67922105d1f41927c Mon Sep 17 00:00:00 2001
From: "Bruce A. Mah" <bmah@FreeBSD.org>
Date: Tue, 19 Mar 2002 06:41:07 +0000
Subject: [PATCH] Regen from article.sgml 1.1.2.59.

---
 en/releases/4.5R/errata.html | 31 ++++++++++++++++++++++++-------
 1 file changed, 24 insertions(+), 7 deletions(-)

diff --git a/en/releases/4.5R/errata.html b/en/releases/4.5R/errata.html
index 159d78ddd1..b7d716c317 100644
--- a/en/releases/4.5R/errata.html
+++ b/en/releases/4.5R/errata.html
@@ -22,7 +22,7 @@
 
         <p class="PUBDATE">$FreeBSD:
         src/release/doc/en_US.ISO8859-1/errata/article.sgml,v
-        1.1.2.57 2002/03/09 20:46:37 bmah Exp $<br>
+        1.1.2.59 2002/03/19 00:25:01 bmah Exp $<br>
         </p>
         <hr>
       </div>
@@ -109,19 +109,36 @@
         <span class="CITEREFENTRY"><span class=
         "REFENTRYTITLE">sshd</span>(8)</span></a> to execute
         arbitrary code with superuser privileges, or allowed a
-        connecting SSH client to execute arbitrary code with the
-        privileges of the client user. Various workarounds and
-        bugfixes, for versions of <b class=
+        malicious SSH server to execute arbitrary code on the
+        client system with the privileges of the client user.
+        Various workarounds and bugfixes, for versions of <b class=
         "APPLICATION">OpenSSH</b> in both the base system and Ports
         Collection, can be found in security advisory <a href=
         "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:13.openssh.asc"
          target="_top">FreeBSD-SA-02:13</a>.</p>
+
+        <p>A programming error in <b class="APPLICATION">zlib</b>
+        could result in attempts to free memory multiple times. The
+        <a href=
+        "http://www.FreeBSD.org/cgi/man.cgi?query=malloc&sektion=3&manpath=FreeBSD+4.5-stable">
+        <span class="CITEREFENTRY"><span class=
+        "REFENTRYTITLE">malloc</span>(3)</span></a>/<a href=
+        "http://www.FreeBSD.org/cgi/man.cgi?query=free&sektion=3&manpath=FreeBSD+4.5-stable">
+        <span class="CITEREFENTRY"><span class=
+        "REFENTRYTITLE">free</span>(3)</span></a> routines used in
+        FreeBSD are not vulnerable to this error, but applications
+        receiving specially-crafted blocks of invalid compressed
+        data could be made to function incorrectly or abort. This
+        <b class="APPLICATION">zlib</b> bug has been fixed. For a
+        workaround and solutions, see security advisory <a href=
+        "ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:18.zlib.asc"
+         target="_top">FreeBSD-SA-02:18</a>.</p>
       </div>
 
       <div class="SECT1">
         <hr>
 
-        <h1 class="SECT1"><a name="AEN43">3 System Update
+        <h1 class="SECT1"><a name="AEN53">3 System Update
         Information</a></h1>
 
         <p>Certain SSH clients, when attempting to connect to a
@@ -215,7 +232,7 @@
         are frequently required by these other components, <span
         class="emphasis"><i class="EMPHASIS">are</i></span>
         included on disk 1 of the official 4-CD set. <a name=
-        "AEN80" href="#FTN.AEN80">[1]</a></p>
+        "AEN90" href="#FTN.AEN90">[1]</a></p>
 
         <p>A binary package containing <b class=
         "APPLICATION">Samba</b> was accidentally omitted from the
@@ -246,7 +263,7 @@
     <table border="0" class="FOOTNOTES" width="100%">
       <tr>
         <td align="LEFT" valign="TOP" width="5%"><a name=
-        "FTN.AEN80" href="#AEN80">[1]</a></td>
+        "FTN.AEN90" href="#AEN90">[1]</a></td>
 
         <td align="LEFT" valign="TOP" width="95%">
           <p>The complete FreeBSD package collection currently