Restate vulnerability

Signed-off-by: Tom Eastep <teastep@shorewall.net>

Shorewall/releasenotes.txt

@@ -35,9 +35,8 @@ VI.   PROBLEMS CORRECTED AND NEW FEATURES IN PRIOR RELEASES
     did not specify a number. Now, the compiler selects the lowest
     unallocated number when no device number is explicitly allocated.
 
-2)  Network developers have discovered an exploit that allows hosts to
+2)  Certain attacks can be best defended through use of one of these
-    poke holes in a firewall. The known ways to protect against the
+    two measures.
-    exploit are:
 
     a)  rt_filter (Shorewall's routefilter). Only applicable to IPv4
     	and can't be used with some multi-ISP configurations.
@@ -47,8 +46,8 @@ VI.   PROBLEMS CORRECTED AND NEW FEATURES IN PRIOR RELEASES
         rules. This approach is not appropriate for bridges and other
         cases, where the 'routeback' option is specified or implied.
 
-    For non-routeback interfaces, Shorewall and Shorewall6 will insert
+    For non-routeback interfaces, Shorewall and Shorewall6 will now
-    a hairpin rule, provided that the routefilter option is not
+    insert a hairpin rule, provided that the routefilter option is not
     specified. The rule will dispose of hairpins according to the
     setting of two new options in shorewall.conf and shorewall6.conf: