docs: add v2.13.1.1 ReleaseNotes

author Karel Zak <kzak@redhat.com>

Mon, 21 Apr 2008 22:13:20 +0000 (00:13 +0200)

committer Karel Zak <kzak@redhat.com>

Mon, 21 Apr 2008 22:13:20 +0000 (00:13 +0200)
author Karel Zak <kzak@redhat.com>
Mon, 21 Apr 2008 22:13:20 +0000 (00:13 +0200)
committer Karel Zak <kzak@redhat.com>
Mon, 21 Apr 2008 22:13:20 +0000 (00:13 +0200)
diff --git a/docs/v2.13.1.1-ReleaseNotes b/docs/v2.13.1.1-ReleaseNotes

new file mode 100644 (file)

index 0000000..d18caee
--- /dev/null
+++ b/docs/v2.13.1.1-ReleaseNotes
@@ -0,0 +1,27 @@
+
+Util-linux-ng 2.13.1.1 Release Notes (22-Apr-2008)
+==================================================
+
+Fixed security issues:
+---------------------
+
+ - audit log injection attack. This bug allows attackers to write
+   arbitrary characters to an audit log via a crafted username.
+
+ The problem was originaly reported for OpenSSH few months ago
+ (CVE-2007-3102). The login(1) is affected by the same bug when
+ built with the option "--with-audit".
+
+Changelog:
+---------
+
+ For more details see ChangeLog files at:
+ ftp://ftp.kernel.org/pub/linux/utils/util-linux-ng/v2.13/
+
+
+login:
+   - audit log injection attack via login  [Steve Grubb]
+po:
+   - merge changes  [Karel Zak]
+   - update it.po (from translationproject.org)  [Marco Colombo]
+   - update nl.po (from translationproject.org)  [Benno Schulenberg]
author	Karel Zak <kzak@redhat.com>
	Mon, 21 Apr 2008 22:13:20 +0000 (00:13 +0200)
committer	Karel Zak <kzak@redhat.com>
	Mon, 21 Apr 2008 22:13:20 +0000 (00:13 +0200)