Date: Tue, 16 Sep 2014 09:50:19 +0000 (UTC) From: Xin LI <delphij@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r271669 - in releng: 10.0 10.0/sys/conf 10.0/sys/netinet 8.4 8.4/sys/conf 8.4/sys/netinet 9.1 9.1/sys/conf 9.1/sys/netinet 9.2 9.2/sys/conf 9.2/sys/netinet 9.3 9.3/sys/conf 9.3/sys/netinet Message-ID: <201409160950.s8G9oJR7063260@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: delphij Date: Tue Sep 16 09:50:19 2014 New Revision: 271669 URL: http://svnweb.freebsd.org/changeset/base/271669 Log: Fix Denial of Service in TCP packet processing. Security: FreeBSD-SA-14:19.tcp Approved by: so Modified: releng/10.0/UPDATING releng/10.0/sys/conf/newvers.sh releng/10.0/sys/netinet/tcp_input.c releng/8.4/UPDATING releng/8.4/sys/conf/newvers.sh releng/8.4/sys/netinet/tcp_input.c releng/9.1/UPDATING releng/9.1/sys/conf/newvers.sh releng/9.1/sys/netinet/tcp_input.c releng/9.2/UPDATING releng/9.2/sys/conf/newvers.sh releng/9.2/sys/netinet/tcp_input.c releng/9.3/UPDATING releng/9.3/sys/conf/newvers.sh releng/9.3/sys/netinet/tcp_input.c Modified: releng/10.0/UPDATING ============================================================================== --- releng/10.0/UPDATING Tue Sep 16 09:49:11 2014 (r271668) +++ releng/10.0/UPDATING Tue Sep 16 09:50:19 2014 (r271669) @@ -16,6 +16,9 @@ from older versions of FreeBSD, try WITH stable/10, and then rebuild without this option. The bootstrap process from older version of current is a bit fragile. +20140916: p9 FreeBSD-SA-14:19.tcp + Fix Denial of Service in TCP packet processing. [SA-14:19] + 20140909: p8 FreeBSD-SA-14:18.openssl Fix OpenSSL multiple vulnerabilities. [SA-14:18] Modified: releng/10.0/sys/conf/newvers.sh ============================================================================== --- releng/10.0/sys/conf/newvers.sh Tue Sep 16 09:49:11 2014 (r271668) +++ releng/10.0/sys/conf/newvers.sh Tue Sep 16 09:50:19 2014 (r271669) @@ -32,7 +32,7 @@ TYPE="FreeBSD" REVISION="10.0" -BRANCH="RELEASE-p8" +BRANCH="RELEASE-p9" if [ "X${BRANCH_OVERRIDE}" != "X" ]; then BRANCH=${BRANCH_OVERRIDE} fi Modified: releng/10.0/sys/netinet/tcp_input.c ============================================================================== --- releng/10.0/sys/netinet/tcp_input.c Tue Sep 16 09:49:11 2014 (r271668) +++ releng/10.0/sys/netinet/tcp_input.c Tue Sep 16 09:50:19 2014 (r271669) @@ -2202,11 +2202,7 @@ tcp_do_segment(struct mbuf *m, struct tc todrop = tp->rcv_nxt - th->th_seq; if (todrop > 0) { - /* - * If this is a duplicate SYN for our current connection, - * advance over it and pretend and it's not a SYN. - */ - if (thflags & TH_SYN && th->th_seq == tp->irs) { + if (thflags & TH_SYN) { thflags &= ~TH_SYN; th->th_seq++; if (th->th_urp > 1) Modified: releng/8.4/UPDATING ============================================================================== --- releng/8.4/UPDATING Tue Sep 16 09:49:11 2014 (r271668) +++ releng/8.4/UPDATING Tue Sep 16 09:50:19 2014 (r271669) @@ -15,6 +15,9 @@ NOTE TO PEOPLE WHO THINK THAT FreeBSD 8. debugging tools present in HEAD were left in place because sun4v support still needs work to become production ready. +20140916: p16 FreeBSD-SA-14:19.tcp + Fix Denial of Service in TCP packet processing. [SA-14:19] + 20140909: p15 FreeBSD-SA-14:18.openssl Fix OpenSSL multiple vulnerabilities. [SA-14:18] Modified: releng/8.4/sys/conf/newvers.sh ============================================================================== --- releng/8.4/sys/conf/newvers.sh Tue Sep 16 09:49:11 2014 (r271668) +++ releng/8.4/sys/conf/newvers.sh Tue Sep 16 09:50:19 2014 (r271669) @@ -32,7 +32,7 @@ TYPE="FreeBSD" REVISION="8.4" -BRANCH="RELEASE-p15" +BRANCH="RELEASE-p16" if [ "X${BRANCH_OVERRIDE}" != "X" ]; then BRANCH=${BRANCH_OVERRIDE} fi Modified: releng/8.4/sys/netinet/tcp_input.c ============================================================================== --- releng/8.4/sys/netinet/tcp_input.c Tue Sep 16 09:49:11 2014 (r271668) +++ releng/8.4/sys/netinet/tcp_input.c Tue Sep 16 09:50:19 2014 (r271669) @@ -2092,11 +2092,7 @@ tcp_do_segment(struct mbuf *m, struct tc todrop = tp->rcv_nxt - th->th_seq; if (todrop > 0) { - /* - * If this is a duplicate SYN for our current connection, - * advance over it and pretend and it's not a SYN. - */ - if (thflags & TH_SYN && th->th_seq == tp->irs) { + if (thflags & TH_SYN) { thflags &= ~TH_SYN; th->th_seq++; if (th->th_urp > 1) Modified: releng/9.1/UPDATING ============================================================================== --- releng/9.1/UPDATING Tue Sep 16 09:49:11 2014 (r271668) +++ releng/9.1/UPDATING Tue Sep 16 09:50:19 2014 (r271669) @@ -9,6 +9,9 @@ handbook. Items affecting the ports and packages system can be found in /usr/ports/UPDATING. Please read that file before running portupgrade. +20140916: p19 FreeBSD-SA-14:19.tcp + Fix Denial of Service in TCP packet processing. [SA-14:19] + 20140909: p18 FreeBSD-SA-14:18.openssl Fix OpenSSL multiple vulnerabilities. [SA-14:18] Modified: releng/9.1/sys/conf/newvers.sh ============================================================================== --- releng/9.1/sys/conf/newvers.sh Tue Sep 16 09:49:11 2014 (r271668) +++ releng/9.1/sys/conf/newvers.sh Tue Sep 16 09:50:19 2014 (r271669) @@ -32,7 +32,7 @@ TYPE="FreeBSD" REVISION="9.1" -BRANCH="RELEASE-p18" +BRANCH="RELEASE-p19" if [ "X${BRANCH_OVERRIDE}" != "X" ]; then BRANCH=${BRANCH_OVERRIDE} fi Modified: releng/9.1/sys/netinet/tcp_input.c ============================================================================== --- releng/9.1/sys/netinet/tcp_input.c Tue Sep 16 09:49:11 2014 (r271668) +++ releng/9.1/sys/netinet/tcp_input.c Tue Sep 16 09:50:19 2014 (r271669) @@ -2161,11 +2161,7 @@ tcp_do_segment(struct mbuf *m, struct tc todrop = tp->rcv_nxt - th->th_seq; if (todrop > 0) { - /* - * If this is a duplicate SYN for our current connection, - * advance over it and pretend and it's not a SYN. - */ - if (thflags & TH_SYN && th->th_seq == tp->irs) { + if (thflags & TH_SYN) { thflags &= ~TH_SYN; th->th_seq++; if (th->th_urp > 1) Modified: releng/9.2/UPDATING ============================================================================== --- releng/9.2/UPDATING Tue Sep 16 09:49:11 2014 (r271668) +++ releng/9.2/UPDATING Tue Sep 16 09:50:19 2014 (r271669) @@ -11,6 +11,9 @@ handbook: Items affecting the ports and packages system can be found in /usr/ports/UPDATING. Please read that file before running portupgrade. +20140916: p12 FreeBSD-SA-14:19.tcp + Fix Denial of Service in TCP packet processing. [SA-14:19] + 20140909: p11 FreeBSD-SA-14:18.openssl Fix OpenSSL multiple vulnerabilities. [SA-14:18] Modified: releng/9.2/sys/conf/newvers.sh ============================================================================== --- releng/9.2/sys/conf/newvers.sh Tue Sep 16 09:49:11 2014 (r271668) +++ releng/9.2/sys/conf/newvers.sh Tue Sep 16 09:50:19 2014 (r271669) @@ -32,7 +32,7 @@ TYPE="FreeBSD" REVISION="9.2" -BRANCH="RELEASE-p11" +BRANCH="RELEASE-p12" if [ "X${BRANCH_OVERRIDE}" != "X" ]; then BRANCH=${BRANCH_OVERRIDE} fi Modified: releng/9.2/sys/netinet/tcp_input.c ============================================================================== --- releng/9.2/sys/netinet/tcp_input.c Tue Sep 16 09:49:11 2014 (r271668) +++ releng/9.2/sys/netinet/tcp_input.c Tue Sep 16 09:50:19 2014 (r271669) @@ -2181,11 +2181,7 @@ tcp_do_segment(struct mbuf *m, struct tc todrop = tp->rcv_nxt - th->th_seq; if (todrop > 0) { - /* - * If this is a duplicate SYN for our current connection, - * advance over it and pretend and it's not a SYN. - */ - if (thflags & TH_SYN && th->th_seq == tp->irs) { + if (thflags & TH_SYN) { thflags &= ~TH_SYN; th->th_seq++; if (th->th_urp > 1) Modified: releng/9.3/UPDATING ============================================================================== --- releng/9.3/UPDATING Tue Sep 16 09:49:11 2014 (r271668) +++ releng/9.3/UPDATING Tue Sep 16 09:50:19 2014 (r271669) @@ -11,6 +11,9 @@ handbook: Items affecting the ports and packages system can be found in /usr/ports/UPDATING. Please read that file before running portupgrade. +20140916: p2 FreeBSD-SA-14:19.tcp + Fix Denial of Service in TCP packet processing. [SA-14:19] + 20140909: p1 FreeBSD-SA-14:18.openssl Fix OpenSSL multiple vulnerabilities. [SA-14:18] Modified: releng/9.3/sys/conf/newvers.sh ============================================================================== --- releng/9.3/sys/conf/newvers.sh Tue Sep 16 09:49:11 2014 (r271668) +++ releng/9.3/sys/conf/newvers.sh Tue Sep 16 09:50:19 2014 (r271669) @@ -32,7 +32,7 @@ TYPE="FreeBSD" REVISION="9.3" -BRANCH="RELEASE-p1" +BRANCH="RELEASE-p2" if [ "X${BRANCH_OVERRIDE}" != "X" ]; then BRANCH=${BRANCH_OVERRIDE} fi Modified: releng/9.3/sys/netinet/tcp_input.c ============================================================================== --- releng/9.3/sys/netinet/tcp_input.c Tue Sep 16 09:49:11 2014 (r271668) +++ releng/9.3/sys/netinet/tcp_input.c Tue Sep 16 09:50:19 2014 (r271669) @@ -2181,11 +2181,7 @@ tcp_do_segment(struct mbuf *m, struct tc todrop = tp->rcv_nxt - th->th_seq; if (todrop > 0) { - /* - * If this is a duplicate SYN for our current connection, - * advance over it and pretend and it's not a SYN. - */ - if (thflags & TH_SYN && th->th_seq == tp->irs) { + if (thflags & TH_SYN) { thflags &= ~TH_SYN; th->th_seq++; if (th->th_urp > 1)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201409160950.s8G9oJR7063260>