From: Oliver Pinter
To: rea-fbsd@codelabs.ru
Cc: freebsd-security@freebsd.org
Date: Fri, 5 Jun 2009 11:51:27 +0200
Subject: Re: OpenSSL DoS/PoC in milw0rm
List-Id: "Security issues [members-only posting]"

Thanks for the fast reply, and the patch.

On 6/5/09, Eygene Ryabinkin wrote:
> Thu, Jun 04, 2009 at 10:15:34PM +0200, Oliver Pinter wrote:
>> the base system contains 0.9.8e and this PoC is affected up to 0.9.8i
>
> There was a combined PR for the ports/base system OpenSSL,
> http://www.freebsd.org/cgi/query-pr.cgi?pr=134653
>
> Probably more complete patch for DTLS stuff,
> http://sctp.fh-muenster.de/dtls/dtls-bugs.patch
> that additionally fixes MTU problems and other stuff can be integrated
> to the base system as it was recently done with the security/openssl.
> I am in ENOTIME now, so I'm not able to test these patches myself, sorry.
> --
> Eygene
> Remember that it is hard to read the on-line manual
> while single-stepping the kernel.
> -- FreeBSD Developers handbook