Date: Fri, 06 Apr 2001 17:00:10 -0700 From: "Bruce A. Mah" <bmah@FreeBSD.ORG> To: Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca> Cc: freebsd-security@FreeBSD.ORG Subject: Re: URGENT: Serious bug in IPFilter (fwd) Message-ID: <200104070000.f3700AD10168@bmah-freebsd-0.cisco.com> In-Reply-To: <200104062135.f36LZpt67966@cwsys.cwsent.com> References: <200104062135.f36LZpt67966@cwsys.cwsent.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--==_Exmh_867176716P Content-Type: text/plain; charset=us-ascii If memory serves me right, Cy Schubert - ITSD Open Systems Group wrote: > Should we be updating IP Filter in our source tree before 4.3-RELEASE? > This sounds like a serious bug. It looks like darrenr committed a fix to HEAD, but it's not MFC-ed yet AFAIK: darrenr@FreeBSD.org said: > darrenr 2001/04/06 08:52:29 PDT > Modified files: > sys/netinet ip_frag.c ip_frag.h ip_nat.c ip_nat.h > ip_state.c > Log: > fix security hole created by fragment cache > Revision Changes Path > 1.15 +26 -5 src/sys/netinet/ip_frag.c > 1.12 +5 -3 src/sys/netinet/ip_frag.h > 1.22 +5 -3 src/sys/netinet/ip_nat.c > 1.15 +2 -1 src/sys/netinet/ip_nat.h > 1.21 +3 -3 src/sys/netinet/ip_state.c Bruce. --==_Exmh_867176716P Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (FreeBSD) Comment: Exmh version 2.2 06/23/2000 iD8DBQE6zliK2MoxcVugUsMRArEtAJ4jgKqouX2NHuOXbHPGFZ5UkeOM7wCg2poq iWrnytrNGZJljBMIdLeHa8o= =ckzN -----END PGP SIGNATURE----- --==_Exmh_867176716P-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200104070000.f3700AD10168>