From owner-freebsd-security@freebsd.org Wed Jan 31 09:50:51 2018
From: "Zahrir, Abderrahmane"
To: "freebsd-security@freebsd.org"
Subject: RE: Re: Response to Meltdown and Spectre
Date: Wed, 31 Jan 2018 09:27:15 +0000

Hi Guys,

I understand that you have not been notified early enough about the Meltdown and Spectre security flaw.

However, do we have a rough estimate (something like an approximate month) of when a patch will be available for the latest version 11.1 and possibly 11.0?

Regards,
Dahman

From owner-freebsd-security@freebsd.org Wed Jan 31 12:58:44 2018
From: "Ronald F. Guilmette"
To: "freebsd-security@freebsd.org"
Subject: Re: Response to Meltdown and Spectre
Date: Wed, 31 Jan 2018 04:51:08 -0800
Message-ID: <29770.1517403068@segfault.tristatelogic.com>

In message , "Zahrir, Abderrahmane" wrote:

>Hi Guys,
>
>I understand that you have not been notified early enough about the Meltdown
>and spectre security {flaws}...

Apparently, it wasn't just the FreeBSD security crew that was inappropriately kept in the dark about this gaggle of hardware security disasters. According to some recently published news reports, even various Chinese hardware vendors were informed of the flaws PRIOR TO the U.S. Government being informed. (Source: The Wall Street Journal.)

In short, this truly epic set of hardware security screw ups was followed by what now appears to have been an equally epic set of -disclosure- screw ups.

The hardware bugs were bad enough, but the clear (and apparently self-serving) idiocy that drove the selective disclosure process in this case was, it now appears, equally stinky, if not more so.

Some days, I can't help thinking that I'm playing for the Wrong Team. Maybe it's time to learn Chinese.

It all sort of reminds me of one very famous quote about the sheer idiocy often displayed by short-sighted corporate bean counters:

    "The Capitalists will sell us the rope with which we will hang them."
        -- Vladimir Ilyich Lenin

Intel decided to make Meltdown/Spectre disclosures to their Chinese business partners (e.g. Lenovo, Alibaba) before making those same disclosures even to the government of the country where they are headquartered, and from which they have derived most of their profits since the company's inception, i.e. the good old U.S. of A.

Read and weep:

https://www.wsj.com/articles/intel-warned-chinese-companies-of-chip-flaws-before-u-s-government-1517157430
https://www.theregister.co.uk/2018/01/29/intel_disclosure_controversy/
https://www.engadget.com/2018/01/28/intel-told-chinese-firms-of-meltdown-flaws-before-us/

Thousands and thousands of honorable, well-intentioned and sincere men and women, most with only the purest of motives, have argued and debated, back and forth, for literally decades now about the true meaning of, and true nature of "responsible disclosure", a topic which continues to be earnestly and reasonably debated between professionals.

And yet here we have an instance of a single, dominant, for-profit corporation effectively making a mockery of all those debates by simply doing what it thought was in its own best interests and leaving everyone else to twist in the wind.

I, for one, intend to remember this the next time some geeky hacker-type dude gets publicly criticised for going public with some security flaw before the affected vendor(s) had a patch ready for release.

The next time I see somebody (anybody) being blasted for having failed to observe "responsible disclosure protocols", I, at least, will jump to that person's defense simply by saying "Yea... So?"

Intel has just killed the entire notion of "responsible disclosure". It simply doesn't exist anymore.

    Publish and be saved!
        -- Bartholomew "Barley" Scott Blair -- The Russia House

Regards,
rfg

P.S. Now that I think about it, I guess that Intel's actions in this case... which they will most assuredly get away with, *without* any civil or criminal penalty (because hey! They're Intel!)... have also created a sort of carte blanche for any U.S. hacker dude who might want to sell his zero days to the Chinese, or, you know, the Russians. Because isn't that effectively what Intel itself did in this case?

From owner-freebsd-security@freebsd.org Wed Jan 31 23:45:07 2018
From: bugzilla-noreply@freebsd.org
To: freebsd-security@FreeBSD.org
Subject: [Bug 225241] databases/mysql55-server: Update to 5.5.59 fixes multiple CVE
Date: Wed, 31 Jan 2018 23:45:04 +0000
X-Bugzilla-Product: Ports & Packages
X-Bugzilla-Component: Individual Port(s)
X-Bugzilla-Keywords: security
X-Bugzilla-Severity: Affects Some People
X-Bugzilla-Status: Closed
X-Bugzilla-Resolution: FIXED
X-Bugzilla-Assigned-To: ale@FreeBSD.org

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=225241

--- Comment #3 from commit-hook@freebsd.org ---
A commit references this bug:

Author: bdrewery
Date: Wed Jan 31 23:44:18 UTC 2018
New revision: 460548
URL: https://svnweb.freebsd.org/changeset/ports/460548

Log:
  MFH: r459752

  Update to 5.5.59 release.

  PR: 225241
  Submitted by: Markus Kohlmeyer
  Approved by: portmgr (implicit)

Changes:
_U  branches/2018Q1/
  branches/2018Q1/databases/mysql55-server/Makefile
  branches/2018Q1/databases/mysql55-server/distinfo

-- 
You are receiving this mail because:
You are on the CC list for the bug.

From owner-freebsd-security@freebsd.org Thu Feb 1 01:00:16 2018
From: Brahmanand Reddy
To: Peter Jeremy
Cc: freebsd-security@freebsd.org
Subject: Re: Need FreeBSD-SA-00:52(TCP uses weak initial sequence numbers) latest patch
Date: Thu, 1 Feb 2018 06:30:14 +0530
In-Reply-To: <20180112074115.GB75633@server.rulingia.com>
References: <44k1wnes1w.fsf@be-well.ilk.org> <20180112061425.GA75633@server.rulingia.com> <20180112074115.GB75633@server.rulingia.com>

Dear Peter/Team,

My final call on this thread: "RST does not happen as quickly in 10.4 and 11 FreeBSD, like 9.2". It takes a 10 to 15 second delay to reset and generate a new ISN number on 80/443/ports.

Example-

    # Fragment: ip, sport, dport and SYNACK are assumed to be defined earlier (not shown on the page).
    import random
    import time
    from scapy.all import TCP, send

    # RST
    RST = TCP(sport=sport, dport=dport, flags='R', seq=SYNACK.ack, ack=0)
    send(ip/RST)
    time.sleep(15)
    SYN2 = TCP(sport=sport, dport=dport, flags='S', seq=random.randint(1024, 18576), ack=0)

Kindly clarify and conclude:

1) Could it be the expected behavior, or does any new enhancement cause this delay, and what are those?
2) Do we have to configure anything, like in 'sysctl.conf', or is a corresponding fix available?

Note: In 9.2, without delay, I didn't observe any issue. The standards say it must respond quickly with a RST.

Sincerely,
Brahma

On Fri, Jan 12, 2018 at 1:11 PM, Peter Jeremy wrote:

> On 2018-Jan-12 12:33:21 +0530, Brahmanand Reddy wrote:
> >TCP uses weak initial sequence numbers
> >https://www.freebsd.org/security/advisories/FreeBSD-SA-00%3A52.tcp-iss.asc
>
> As has been pointed out to you several times in this thread, that SA is
> nearly 20 years old and there is no evidence that TCP on any recent FreeBSD
> uses weak ISNs.
>
> >actually "arc4random()" will take care on
> >https://github.com/freebsd/freebsd/blob/master/sys/netinet/tcp_subr.c#L2374
>
> Without studying the code in detail, that code appears to correctly use
> arc4random() to initialise the ISN - which is as expected.
>
> > I suspecting 10.4 already having fix... but i didn't found on exactly
> >which this problem from https://www.freebsd.org/security/patches/
>
> Well, the original patch is
> https://www.freebsd.org/security/patches/SA-00%3A52/ and was committed
> as what is now https://svnweb.freebsd.org/base?view=revision&revision=66433
> Since that patch is integrated into the FreeBSD codebase, there's no need
> to update the contents of https://www.freebsd.org/security/patches/SA-00%3A52/
> and it is not relevant to the current codebase.
>
> > i would like expecting where is the fix in 10,4 kernel.
>
> That code was re-written in r82122, retaining the use of arc4random() for
> ISN initialisation.
> As a result, it's no longer possible to point at
> specific code and say "that code fixes weak TCP ISNs".
>
> --
> Peter Jeremy
>

From owner-freebsd-security@freebsd.org Sat Feb 3 13:47:49 2018
From: Brahmanand Reddy
To: FreeBSD-security@freebsd.org, freebsd-security-owner@freebsd.org
Subject: 'Syncookies' feature effects to generate new ISN/random with RST happens 15 seconds delay.
Date: Sat, 3 Feb 2018 19:17:47 +0530

Dear Experts,

Recently I observed in the 11.0 FreeBSD kernel: a new random ISN is generated every 15 seconds. RST does not happen quickly. If I disable it with net.inet.tcp.syncookies=0 in sysctl.conf, RST happens quickly and a new ISN number is generated for the next SYN requests.

https://github.com/freebsd/freebsd/blob/master/sys/netinet/tcp_syncache.c#L1882

Could you please confirm whether this delay is expected behavior? I have notified this issue; if we have any patch, please share.

Thanks in advance,
Brahma