From owner-freebsd-ports-bugs@FreeBSD.ORG Mon Jun 21 03:00:47 2004 Return-Path: Delivered-To: freebsd-ports-bugs@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 74B6316A4CF for ; Mon, 21 Jun 2004 03:00:47 +0000 (GMT) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5563A43D45 for ; Mon, 21 Jun 2004 03:00:47 +0000 (GMT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) i5L30lZo056266 for ; Mon, 21 Jun 2004 03:00:47 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.12.11/8.12.11/Submit) id i5L30kT3056260; Mon, 21 Jun 2004 03:00:46 GMT (envelope-from gnats) Resent-Date: Mon, 21 Jun 2004 03:00:46 GMT Resent-Message-Id: <200406210300.i5L30kT3056260@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-ports-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4401216A4CE; Mon, 21 Jun 2004 02:55:23 +0000 (GMT) Received: from rusunix.org (rusunix.org [195.162.56.232]) by mx1.FreeBSD.org (Postfix) with ESMTP id BA9F243D39; Mon, 21 Jun 2004 02:55:21 +0000 (GMT) (envelope-from aquatique@rusunix.org) Received: by rusunix.org (Postfix, from userid 1111) id B802D1CE253; Mon, 21 Jun 2004 09:55:15 +0700 (OMSST) Message-Id: <20040621025515.B802D1CE253@rusunix.org> Date: Mon, 21 Jun 2004 09:55:15 +0700 (OMSST) From: To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 cc: krion@FreeBSD.org Subject: ports/68161: fix DoS (http://www.securityfocus.com/archive/1/366486) X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: aquatique-ports@rambler.ru List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 21 Jun 2004 03:00:47 -0000 >Number: 68161 >Category: ports >Synopsis: fix DoS (http://www.securityfocus.com/archive/1/366486) >Confidential: no >Severity: serious >Priority: high >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: maintainer-update >Submitter-Id: current-users >Arrival-Date: Mon Jun 21 03:00:46 GMT 2004 >Closed-Date: >Last-Modified: >Originator: Evgueni V. Gavrilov >Release: FreeBSD 4.10-RELEASE i386 >Organization: rusunix.org >Environment: System: FreeBSD rusunix.org 4.10-RELEASE FreeBSD 4.10-RELEASE #0: Thu May 27 18:47:13 OMSST 2004 root@rusunix.org:/usr/obj/usr/src/sys/NEWMONSTER i386 >Description: fix DoS (http://www.securityfocus.com/archive/1/366486) >How-To-Repeat: patch < >Fix: diff -ruN ircd-hybrid-ru.orig/files/patch-src-packet.c ircd-hybrid-ru/files/patch-src-packet.c --- ircd-hybrid-ru.orig/files/patch-src-packet.c Thu Jan 1 06:00:00 1970 +++ ircd-hybrid-ru/files/patch-src-packet.c Mon Jun 21 09:45:24 2004 @@ -0,0 +1,11 @@ +--- src/packet.c.orig Mon Jun 21 09:43:24 2004 ++++ src/packet.c Mon Jun 21 09:44:15 2004 +@@ -467,7 +467,7 @@ + parse_client_queued(client_p); + + /* Check to make sure we're not flooding */ +- if (IsPerson(client_p) && ++ if (!(IsServer(client_p) || IsHandshake(client_p) || IsConnecting(client_p)) && + (dbuf_length(&client_p->localClient->buf_recvq) > + (unsigned int)ConfigFileEntry.client_flood)) + { >Release-Note: >Audit-Trail: >Unformatted: