From owner-freebsd-security@FreeBSD.ORG  Thu May  1 12:30:04 2014
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id F2144DD5
 for <freebsd-security@freebsd.org>; Thu,  1 May 2014 12:30:04 +0000 (UTC)
Received: from mx0.gid.co.uk (mx0.gid.co.uk [194.32.164.250])
 (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 9DB4A157C
 for <freebsd-security@freebsd.org>; Thu,  1 May 2014 12:30:04 +0000 (UTC)
Received: from [192.168.0.249] (5751e248.skybroadband.com [87.81.226.72])
 by mx0.gid.co.uk (8.14.2/8.14.2) with ESMTP id s41CJxoI007856;
 Thu, 1 May 2014 13:19:59 +0100 (BST) (envelope-from rb@gid.co.uk)
From: Bob Bishop <rb@gid.co.uk>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: quoted-printable
Subject: Re: FreeBSD Security Advisory FreeBSD-SA-14:08.tcp
Date: Thu, 1 May 2014 13:19:54 +0100
Message-Id: <9C9E416B-501C-49CD-A698-93CA7848CD1D@gid.co.uk>
To: Kevin Day <toasty@dragondata.com>
Mime-Version: 1.0 (Mac OS X Mail 7.2 \(1874\))
X-Mailer: Apple Mail (2.1874)
Cc: freebsd-security@freebsd.org
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "Security issues \[members-only posting\]"
 <freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security/>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 01 May 2014 12:30:05 -0000

Hi,

> From: Kevin Day <toasty@dragondata.com>
> To: freebsd-security@freebsd.org
> Subject: Re: FreeBSD Security Advisory FreeBSD-SA-14:08.tcp
>=20
> > Affects:        All supported versions of FreeBSD.
> > Corrected:      2014-04-30 04:04:20 UTC (stable/8, 8.4-STABLE)
> >                 2014-04-30 04:05:47 UTC (releng/8.4, 8.4-RELEASE-p9)
> >                 2014-04-30 04:05:47 UTC (releng/8.3, =
8.3-RELEASE-p16)
> >                 2014-04-30 04:04:20 UTC (stable/9, 9.2-STABLE)
> >                 2014-04-30 04:05:47 UTC (releng/9.2, 9.2-RELEASE-p5)
> >                 2014-04-30 04:05:47 UTC (releng/9.1, =
9.1-RELEASE-p12)
> >                 2014-04-30 04:03:05 UTC (stable/10, 10.0-STABLE)
> >                 2014-04-30 04:04:42 UTC (releng/10.0, =
10.0-RELEASE-p2)
>=20
> Does anyone know the lower bound for how far back this bug exists? Is =
it only present in the above versions, or does it affect earlier =
versions that aren?t listed?
>=20
> (trying to come up with a deployment plan for some servers stuck on =
8.1 and 7.x due to vendors abandoning device drivers)

Just looked at this, 8.1 and 7.x don't have the optimisation using the =
stack so they are unaffected.

--
Bob Bishop
rb@gid.co.uk