From owner-svn-src-head@freebsd.org Wed Jul 29 18:49:15 2015 Return-Path: Delivered-To: svn-src-head@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 7DE149AE5FD; Wed, 29 Jul 2015 18:49:15 +0000 (UTC) (envelope-from pkelsey@gmail.com) Received: from mail-yk0-x229.google.com (mail-yk0-x229.google.com [IPv6:2607:f8b0:4002:c07::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 3EEF58B0; Wed, 29 Jul 2015 18:49:15 +0000 (UTC) (envelope-from pkelsey@gmail.com) Received: by ykay190 with SMTP id y190so15604245yka.3; Wed, 29 Jul 2015 11:49:14 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=h63LKlyCALoqywe+qDuK1Q2fTNYkj4zd8kRe8b8hlkg=; b=BKzVjTB1brEQDT/cKKnp0gg4we4dO4W68ge5ZnHPJZvvgnB9x0kN12jpiH+BBE3Uzg LoljFjSu7vS0dVTtfVviJDgNyt4MY0YPl2I2hjeHsdocghxo78tbVhNAm1Eg6qwbkmsu BAbZoms+96sa8EK5sLInT81yDP2wTxRthz11qTdg1o2V7knxxO8+q1d9DZeBdKUDxcq6 JCsVpInh7tfoGY8/paY+Hr0h1DZSfIdm3A4RWnKLuhIJ0lVeCMlWuBMXR9NZITJPY4uB +71NKR5rtvYueSPnfLQYDafKEuqe9trb/s+4QpPgAOTcUEa4aaBziOHlIU4I4K6XYCAQ 7trw== MIME-Version: 1.0 X-Received: by 10.129.36.14 with SMTP id k14mr45920619ywk.64.1438195754487; Wed, 29 Jul 2015 11:49:14 -0700 (PDT) Sender: pkelsey@gmail.com Received: by 10.129.138.68 with HTTP; Wed, 29 Jul 2015 11:49:14 -0700 (PDT) In-Reply-To: <1544505.mLGqfis2xi@hbsd-dev-laptop> References: <201507291759.t6THxEZ2061562@repo.freebsd.org> <1544505.mLGqfis2xi@hbsd-dev-laptop> Date: Wed, 29 Jul 2015 14:49:14 -0400 X-Google-Sender-Auth: tC4jxCTXQL-AFNTlQypY5M2lglA Message-ID: Subject: Re: svn commit: r286027 - in head/sys: netinet sys From: Patrick Kelsey To: Shawn Webb Cc: svn-src-all@freebsd.org, svn-src-head@freebsd.org, src-committers@freebsd.org Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.20 X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 29 Jul 2015 18:49:15 -0000 On Wed, Jul 29, 2015 at 2:43 PM, Shawn Webb wrote: > On Wednesday, 29 July 2015 05:59:14 PM Patrick Kelsey wrote: > > Author: pkelsey > > Date: Wed Jul 29 17:59:13 2015 > > New Revision: 286027 > > URL: https://svnweb.freebsd.org/changeset/base/286027 > > > > Log: > > Revert r265338, r271089 and r271123 as those changes do not handle > > non-inline urgent data and introduce an mbuf exhaustion attack vector > > similar to FreeBSD-SA-15:15.tcp, but not requiring VNETs. > > > > Address the issue described in FreeBSD-SA-15:15.tcp. > > > > Reviewed by: glebius > > Approved by: so > > Approved by: jmallett (mentor) > > Security: FreeBSD-SA-15:15.tcp > > Sponsored by: Norse Corp, Inc. > > Does this commit need to be MFC'd to stable/10? Or is this only for HEAD? > The reverted revisions were only on HEAD after stable/10 was created and never MFC'd. stable/10 only required the fix for FreeBSD-SA-15:15.tcp, which was committed in r285976. -Patrick