From owner-freebsd-security@FreeBSD.ORG Thu May 1 19:04:16 2014 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C8263974 for ; Thu, 1 May 2014 19:04:16 +0000 (UTC) Received: from anubis.delphij.net (anubis.delphij.net [IPv6:2001:470:1:117::25]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "anubis.delphij.net", Issuer "StartCom Class 1 Primary Intermediate Server CA" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id A60261137 for ; Thu, 1 May 2014 19:04:16 +0000 (UTC) Received: from zeta.ixsystems.com (unknown [69.198.165.132]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by anubis.delphij.net (Postfix) with ESMTPSA id D83E62343B; Thu, 1 May 2014 12:04:15 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=delphij.net; s=anubis; t=1398971056; bh=0fOWvdTevDmRNPR5T6Y+5r45zqqfY+v8X7jkjBPiYU4=; h=Date:From:Reply-To:To:CC:Subject:References:In-Reply-To; b=P6PM+UyCUdtWclSz3KB3sTXXb3teuO+fHKELU/Qy1F28z4p7wEhtRtADopd5CKrB7 cnhumcBR26TX/f2a0SvnprEWPesXmjVrLSCFLwa2UrZ5a3BLYKX6c1Fhsyx7Ph/n6Z hMgW4RhWMIuudOy8v85ZFgkL3ujDghmH+KF1aXNc= Message-ID: <53629AAF.8050802@delphij.net> Date: Thu, 01 May 2014 12:04:15 -0700 From: Xin Li Organization: The FreeBSD Project MIME-Version: 1.0 To: Bob Bishop , Kevin Day Subject: Re: FreeBSD Security Advisory FreeBSD-SA-14:08.tcp References: <9C9E416B-501C-49CD-A698-93CA7848CD1D@gid.co.uk> In-Reply-To: <9C9E416B-501C-49CD-A698-93CA7848CD1D@gid.co.uk> X-Enigmail-Version: 1.6 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: freebsd-security@freebsd.org X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list Reply-To: d@delphij.net List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 01 May 2014 19:04:16 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 05/01/14 05:19, Bob Bishop wrote: > Hi, > >> From: Kevin Day To: >> freebsd-security@freebsd.org Subject: Re: FreeBSD Security >> Advisory FreeBSD-SA-14:08.tcp >> >>> Affects: All supported versions of FreeBSD. Corrected: >>> 2014-04-30 04:04:20 UTC (stable/8, 8.4-STABLE) 2014-04-30 >>> 04:05:47 UTC (releng/8.4, 8.4-RELEASE-p9) 2014-04-30 04:05:47 >>> UTC (releng/8.3, 8.3-RELEASE-p16) 2014-04-30 04:04:20 UTC >>> (stable/9, 9.2-STABLE) 2014-04-30 04:05:47 UTC (releng/9.2, >>> 9.2-RELEASE-p5) 2014-04-30 04:05:47 UTC (releng/9.1, >>> 9.1-RELEASE-p12) 2014-04-30 04:03:05 UTC (stable/10, >>> 10.0-STABLE) 2014-04-30 04:04:42 UTC (releng/10.0, >>> 10.0-RELEASE-p2) >> >> Does anyone know the lower bound for how far back this bug >> exists? Is it only present in the above versions, or does it >> affect earlier versions that aren?t listed? >> >> (trying to come up with a deployment plan for some servers stuck >> on 8.1 and 7.x due to vendors abandoning device drivers) > > Just looked at this, 8.1 and 7.x don't have the optimisation using > the stack so they are unaffected. Yes. The affected code was introduced in r226113 (Oct 7, 2011). Note that the original change is not an "optimization" but a fix to prevent a denial of service situation. Cheers, - -- Xin LI https://www.delphij.net/ FreeBSD - The Power to Serve! Live free or die -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (FreeBSD) iQIcBAEBCgAGBQJTYpqvAAoJEJW2GBstM+nsrtAP/jcbSTn8JhZNHz2dcDACS9wL 5zX3num5bdl9DtQQz2Ulw6KTteSvgxNX2p6FlM97F/2j7SeiBVGPviXDqaA3fjVq 8yS/VrLeJrH0tllAYGv//d0Em72NH5e219j5ov2pgivB3IdQEsNWY9A6uECBqYtY PlUsnX7RJDDTeO+n33y2hZdeD8+YRbfrebD0hTDURcViZB6XF7BEXWWPGXF8spBM 38Dk/OisDaxctm0ZQ03WoKTeCD0vyQCFbFk7ZHlkxa4Q4125PHWwsEstoiRtqShr YQEM/38ZmYp2baAp4lm3qix2mkudN+LsU15jTNvvAug4bVaLs6V6yjMhFllQdCQA rdp21t0eXXJXH6KwzCXP31yw6PyjH9aES71HfgMfwZ9P9kYyqzp29PvFkijg7mw6 LX4H15XO7Y5cEkwIPoIGJNymttBJPwIlQ1M2tT95GT6II5Z3bjIZ6tQjMJQlVFP4 ZKa0T48oqlCR4AsCzXCpPQpoBw628YYZGhq1Akh9B35WUlXD+b1ezqd4GYmdgnDM 6KEMfz1oaCb7mKtMHqzY2MTXuDCC9yTVUwsk676TICi3OD+r9h990BKxIPRocB8h zpOoG2QuesStY+L/pVzOAaWN05wlS/zl7LDLpt5MDCR5DRnwS89lGcJfbEyFJM/z nmIDyekGCTTPQ16zgGMW =gilP -----END PGP SIGNATURE-----