From owner-freebsd-security@freebsd.org Mon Jun 24 17:55:39 2019 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id EAA1D15D41DB; Mon, 24 Jun 2019 17:55:38 +0000 (UTC) (envelope-from grarpamp@gmail.com) Received: from mail-io1-xd43.google.com (mail-io1-xd43.google.com [IPv6:2607:f8b0:4864:20::d43]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 2EF7680567; Mon, 24 Jun 2019 17:55:38 +0000 (UTC) (envelope-from grarpamp@gmail.com) Received: by mail-io1-xd43.google.com with SMTP id e5so2826112iok.4; Mon, 24 Jun 2019 10:55:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=4MRRmDNpSzX7dEAYkWo+JP5lH0ho+lsVneTDmGxAODc=; b=q8qTu9gMbTGIgi+my+G2d7X2Hey/s97J6AZa021bhvQX0TKVUHcxu3FIR4ACUKJhvo H4If+b+H5Uw55o4r8rDfAS8f7wj6wmudINsk+KzryQj6M8LphyBzpZrCpd07wV1jLma6 TyxaSd6V+0SUbo2GMxZoCtIE1Q6zGkCQRxVXuU6VPThy/LYrd5Gp4cjk34QpHSnxCdjA C33KEIZx3mkG49aZX34NsB1STE3jcYPP2WHDl18GLmuF5euhTL6mX/tOv+sMiUTTOg9H 4rkAI68G24ngtr0Ic7wBXDcx5NyzBLezkLcmkHaD04iSGiQcJkvrji4+6Nj2nMM2dQhi fE8w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=4MRRmDNpSzX7dEAYkWo+JP5lH0ho+lsVneTDmGxAODc=; b=mBMxrH4kUbPbSdHboU8vZukJ8FzVbGqLDKtnj1GZwhw0fwv2Pa/6pjQON7JFW7yTZq IaOElVQ7pM0SFQ3c8cqonKXb4rl/Uw9UMhdxgiV9SN/Oh8KC9bu6G7OPt43N2UXBYWKq +kBTq/v1ZeMbRjO7x4owgZ/trAIhkK6YknGaUplS46yC73hccvn9khbmTTcmxf3kzF8h HCUg7ozLYfiEo4VmroQL7sMtKNeRnJcTHhtf4a9PKqDcOvm3PhzyCc1zEWub6BrjGdLo xCoQzavIimqcx/FWXvzFEmz8SS9SHhnXUluP67I1QA96ZBrEkEIzCgjmWMGdSTcTlSlK QZgg== X-Gm-Message-State: APjAAAVI5WiKUMAnappdYlNoRQm5VjcbARyZF8hhTsr7vFCUrIqzVPUx jp/H9PGhofRO/wyKAxInd0t9vHTWRELCvP0Lo1Ost5fH X-Google-Smtp-Source: APXvYqy5/J+1vEA9InCXgsA6v2RtYV7VpYjCE6CcUkva9kRVWExPP1OC8sQYB77qfMbzyGFUxRVGWXGeG/Re3i/XP70= X-Received: by 2002:a5d:8f9a:: with SMTP id l26mr3474553iol.22.1561398937297; Mon, 24 Jun 2019 10:55:37 -0700 (PDT) MIME-Version: 1.0 Received: by 2002:a02:212a:0:0:0:0:0 with HTTP; Mon, 24 Jun 2019 10:55:36 -0700 (PDT) In-Reply-To: References: <20190618235535.GY32970@gmail.com> From: grarpamp Date: Mon, 24 Jun 2019 13:55:36 -0400 Message-ID: Subject: Re: CVE-2019-5599 SACK Slowness (FreeBSD 12 using the RACK TCP Stack) To: freebsd-security@freebsd.org Cc: freebsd-questions@freebsd.org, jtl@freebsd.org Content-Type: text/plain; charset="UTF-8" X-Rspamd-Queue-Id: 2EF7680567 X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=q8qTu9gM; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of grarpamp@gmail.com designates 2607:f8b0:4864:20::d43 as permitted sender) smtp.mailfrom=grarpamp@gmail.com X-Spamd-Result: default: False [-4.85 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; FREEMAIL_FROM(0.00)[gmail.com]; MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; TO_MATCH_ENVRCPT_ALL(0.00)[]; RCVD_COUNT_THREE(0.00)[3]; IP_SCORE(-0.85)[ip: (1.27), ipnet: 2607:f8b0::/32(-3.15), asn: 15169(-2.33), country: US(-0.06)]; DKIM_TRACE(0.00)[gmail.com:+]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; RCVD_IN_DNSWL_NONE(0.00)[3.4.d.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.0.4.6.8.4.0.b.8.f.7.0.6.2.list.dnswl.org : 127.0.5.0]; MX_GOOD(-0.01)[cached: alt3.gmail-smtp-in.l.google.com]; NEURAL_HAM_SHORT(-0.99)[-0.986,0]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; RCVD_TLS_LAST(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com.dwl.dnswl.org : 127.0.5.0] X-Mailman-Approved-At: Mon, 24 Jun 2019 19:03:15 +0000 X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 24 Jun 2019 17:55:39 -0000 On 6/18/19, grarpamp wrote: > https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md > As it is not in the current .md, when was the issue > discovered by Netflix / Looney? One week has gone by, so asking again... When was the issue discovered by Netflix / Looney? When did FreeBSD become aware of the issue?