From owner-freebsd-security@FreeBSD.ORG Fri May 20 12:22:15 2005 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C0D4D16A4CE for ; Fri, 20 May 2005 12:22:15 +0000 (GMT) Received: from ms-dienst.rz.rwth-aachen.de (ms-2.rz.RWTH-Aachen.DE [134.130.3.131]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2183643DA0 for ; Fri, 20 May 2005 12:22:15 +0000 (GMT) (envelope-from chris@haakonia.hitnet.rwth-aachen.de) Received: from r220-1 (r220-1.rz.RWTH-Aachen.DE [134.130.3.31]) by ms-dienst.rz.rwth-aachen.de (iPlanet Messaging Server 5.2 Patch 2 (built Jul 14 2004)) with ESMTP id <0IGS00DUAFN3FS@ms-dienst.rz.rwth-aachen.de> for freebsd-security@freebsd.org; Fri, 20 May 2005 14:21:04 +0200 (MEST) Received: from relay.rwth-aachen.de ([134.130.3.1]) by r220-1 (MailMonitor for SMTP v1.2.2 ) ; Fri, 20 May 2005 14:21:03 +0200 (MEST) Received: from haakonia.hitnet.rwth-aachen.de (mulzirak.hitnet.RWTH-Aachen.DE [137.226.181.149]) j4KCL2kb009788; Fri, 20 May 2005 14:21:02 +0200 (MEST) Received: by haakonia.hitnet.rwth-aachen.de (Postfix, from userid 1001) id 898C828439; Fri, 20 May 2005 14:21:02 +0200 (CEST) Date: Fri, 20 May 2005 14:21:02 +0200 From: Christian Brueffer In-reply-to: <1116571610.54493.41.camel@bert.mlan.solnet.ch> To: Thomas Vogt Message-id: <20050520122102.GA1065@unixpages.org> MIME-version: 1.0 Content-type: multipart/signed; boundary=45Z9DzgjV8m4Oswq; protocol="application/pgp-signature"; micalg=pgp-sha1 Content-disposition: inline User-Agent: Mutt/1.5.6i X-Operating-System: FreeBSD 5.4-STABLE X-PGP-Key: http://people.FreeBSD.org/~brueffer/brueffer.key.asc X-PGP-Fingerprint: A5C8 2099 19FF AACA F41B B29B 6C76 178C A0ED 982D References: <1116571610.54493.41.camel@bert.mlan.solnet.ch> cc: freebsd-security@freebsd.org Subject: Re: Is the "tcp time stamp validation issue" fixed in 5.4? X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 20 May 2005 12:22:15 -0000 --45Z9DzgjV8m4Oswq Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, May 20, 2005 at 08:46:50AM +0200, Thomas Vogt wrote: > Hello >=20 > I'm a bit confused about the "tcp time stamp validation bug" mentioned > in the http://www.kb.cert.org/vuls/id/637934 advisory. FreeBSD has fixed > this issue in -current (2005-04-10) and in RELENG_5 (2005-04-19).=20 >=20 > Is this also already fixed in 5.4? The CVS ID for tcp_input.c does not > look like this. But I'm not sure. >=20 Unfortunately the fix wasn't merged back to RELENG_5_4 during the release process. I have written a mail to the security team (see thread on net@), hopefully they will merge this back soon. - Christian --=20 Christian Brueffer chris@unixpages.org brueffer@FreeBSD.org GPG Key: http://people.freebsd.org/~brueffer/brueffer.key.asc GPG Fingerprint: A5C8 2099 19FF AACA F41B B29B 6C76 178C A0ED 982D --45Z9DzgjV8m4Oswq Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (FreeBSD) iD8DBQFCjdYubHYXjKDtmC0RAhlMAKDGYOiyHB8FtYdeewFLesBCIJenVQCg/BME HR12SDvBnJZfh8ntF3jFpJI= =2ezG -----END PGP SIGNATURE----- --45Z9DzgjV8m4Oswq--