Date: Tue, 28 Jan 2020 18:56:46 +0000 (UTC) From: Gordon Tetlow <gordon@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r357218 - releng/12.0/sys/netipsec Message-ID: <202001281856.00SIukjv037933@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: gordon Date: Tue Jan 28 18:56:46 2020 New Revision: 357218 URL: https://svnweb.freebsd.org/changeset/base/357218 Log: Fix missing IPsec anti-replay window check Reported by: Jean-Francois HREN Approved by: so Security: FreeBSD-SA-20:02.ipsec Security: CVE-2019-5613 Modified: releng/12.0/sys/netipsec/ipsec.c Modified: releng/12.0/sys/netipsec/ipsec.c ============================================================================== --- releng/12.0/sys/netipsec/ipsec.c Tue Jan 28 18:55:25 2020 (r357217) +++ releng/12.0/sys/netipsec/ipsec.c Tue Jan 28 18:56:46 2020 (r357218) @@ -1318,6 +1318,8 @@ ok: __func__, replay->overflow, ipsec_sa2str(sav, buf, sizeof(buf)))); } + + replay->count++; return (0); }
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202001281856.00SIukjv037933>