Date: Wed, 29 Jun 2005 21:43:42 +0000 (UTC)
From: "Simon L. Nielsen" <simon@FreeBSD.org>
To: src-committers@FreeBSD.org, cvs-src@FreeBSD.org, cvs-all@FreeBSD.org
Subject: cvs commit: src/contrib/bzip2 bzip2.c bzlib.c compress.c decompress.c huffman.c src/sys/netinet tcp_input.c tcp_seq.h
Message-ID: <200506292143.j5TLhg3u046946@repoman.freebsd.org>

simon       2005-06-29 21:43:42 UTC

  FreeBSD src repository (doc,ports committer)

  Modified files:        (Branch: RELENG_4)
    contrib/bzip2        bzip2.c bzlib.c compress.c decompress.c huffman.c
    sys/netinet          tcp_input.c tcp_seq.h
  Log:
  Correct bzip2 denial of service and permission race vulnerabilities.

  Obtained from:  Redhat, Steve Grubb via RedHat
  Security:       CAN-2005-0953, CAN-2005-1260
  Security:       FreeBSD-SA-05:14.bzip2
  Approved by:    obrien

  Correct TCP connection stall denial-of-service vulnerabilities.

  MFC: rev 1.270 of tcp_input.c, rev 1.25 of tcp_seq.h by ps:

    When a TCP packet containing a timestamp is received, inadequate
    checking of sequence numbers is performed, allowing an attacker to
    artificially increase the internal "recent" timestamp for a
    connection.

    A TCP packet with the SYN flag set is accepted for established
    connections, allowing an attacker to overwrite certain TCP options.

  Security:       CAN-2005-0356, CAN-2005-2068
  Security:       FreeBSD-SA-05:15.tcp
  Approved by:    cperciva

  Revision     Changes    Path
  1.1.1.1.2.3  +34 -9     src/contrib/bzip2/bzip2.c
  1.1.1.1.2.3  +37 -14    src/contrib/bzip2/bzlib.c
  1.1.1.1.2.3  +7 -5      src/contrib/bzip2/compress.c
  1.1.1.1.2.3  +11 -5     src/contrib/bzip2/decompress.c
  1.1.1.1.2.3  +18 -1     src/contrib/bzip2/huffman.c
  1.107.2.44   +24 -4     src/sys/netinet/tcp_input.c
  1.11.2.8     +1 -0      src/sys/netinet/tcp_seq.h