From owner-freebsd-security@FreeBSD.ORG Thu Feb 5 03:01:55 2004 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 006B116A52B for ; Thu, 5 Feb 2004 03:01:54 -0800 (PST) Received: from smtp.des.no (flood.des.no [217.116.83.31]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8F05043D39 for ; Thu, 5 Feb 2004 03:01:53 -0800 (PST) (envelope-from des@des.no) Received: by smtp.des.no (Pony Express, from userid 666) id 7EDF6530D; Thu, 5 Feb 2004 12:01:52 +0100 (CET) Received: from dwp.des.no (des.no [80.203.228.37]) by smtp.des.no (Pony Express) with ESMTP id 36B665308; Thu, 5 Feb 2004 12:01:46 +0100 (CET) Received: by dwp.des.no (Postfix, from userid 2602) id 1CF5B33C6B; Thu, 5 Feb 2004 12:01:46 +0100 (CET) To: Syahrul Sazli Shaharir References: <20040205103946.W1640@localhost> From: des@des.no (Dag-Erling =?iso-8859-1?q?Sm=F8rgrav?=) Date: Thu, 05 Feb 2004 12:01:46 +0100 In-Reply-To: <20040205103946.W1640@localhost> (Syahrul Sazli Shaharir's message of "Thu, 5 Feb 2004 10:58:30 +0800 (MYT)") Message-ID: User-Agent: Gnus/5.090024 (Oort Gnus v0.24) Emacs/21.3 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable X-Spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on flood.des.no X-Spam-Level: X-Spam-Status: No, hits=0.0 required=5.0 tests=AWL autolearn=no version=2.63 cc: freebsd-security@freebsd.org Subject: Re: Status Check: CVE CAN-2004-0002 X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 05 Feb 2004 11:01:55 -0000 Syahrul Sazli Shaharir writes: > Just want to ask about the status of this:- > > http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCAN-2004-0002 > > From list archives I gather the fix is still under refinement (but > committed (and removed?) in HEAD and RELENG_5_2). Not removed, just not enabled by default. They cause problems for legitimate applications (such as database servers and sshd) which generate large numbers of small packets. DES --=20 Dag-Erling Sm=F8rgrav - des@des.no