cvs commit: src UPDATING src/contrib/bzip2 bzip2.c bzlib.c compress.c decompress.c huffman.c src/sys/conf newvers.sh src/sys/netinet tcp_input.c tcp_seq.h

Simon L. Nielsen simon at FreeBSD.org
Wed Jun 29 21:45:14 GMT 2005


simon       2005-06-29 21:45:14 UTC

  FreeBSD src repository (doc,ports committer)

  Modified files:        (Branch: RELENG_4_11)
    .                    UPDATING 
    contrib/bzip2        bzip2.c bzlib.c compress.c decompress.c 
                         huffman.c 
    sys/conf             newvers.sh 
    sys/netinet          tcp_input.c tcp_seq.h 
  Log:
  Correct bzip2 denial of service and permission race vulnerabilities.
  
  Obtained from:  Redhat, Steve Grubb via RedHat
  Security:       CAN-2005-0953, CAN-2005-1260
  Security:       FreeBSD-SA-05:14.bzip2
  Approved by:    obrien
  
  Correct TCP connection stall denial-of-service vulnerabilities.
  
  MFC: rev 1.270 of tcp_input.c, rev 1.25 of tcp_seq.h by ps: When a TCP
  packet containing a timestamp is received, inadequate checking of
  sequence numbers is performed, allowing an attacker to artificially
  increase the internal "recent" timestamp for a connection.
  
  A TCP packet with the SYN flag set is accepted for established
  connections, allowing an attacker to overwrite certain TCP options.
  
  Security:       CAN-2005-0356, CAN-2005-2068
  Security:       FreeBSD-SA-05:15.tcp
  
  Approved by:    so (cperciva)
  
  Revision          Changes    Path
  1.73.2.91.2.12    +5 -0      src/UPDATING
  1.1.1.1.2.2.12.1  +34 -9     src/contrib/bzip2/bzip2.c
  1.1.1.1.2.2.12.1  +37 -14    src/contrib/bzip2/bzlib.c
  1.1.1.1.2.2.12.1  +7 -5      src/contrib/bzip2/compress.c
  1.1.1.1.2.2.12.1  +11 -5     src/contrib/bzip2/decompress.c
  1.1.1.1.2.2.12.1  +18 -1     src/contrib/bzip2/huffman.c
  1.44.2.39.2.15    +1 -1      src/sys/conf/newvers.sh
  1.107.2.41.4.3    +24 -4     src/sys/netinet/tcp_input.c
  1.11.2.7.8.1      +1 -0      src/sys/netinet/tcp_seq.h

