Date: Fri, 20 May 2005 14:21:02 +0200 From: Christian Brueffer <chris@unixpages.org> To: Thomas Vogt <freebsdlists@bsdunix.ch> Cc: freebsd-security@freebsd.org Subject: Re: Is the "tcp time stamp validation issue" fixed in 5.4? Message-ID: <20050520122102.GA1065@unixpages.org> In-Reply-To: <1116571610.54493.41.camel@bert.mlan.solnet.ch> References: <1116571610.54493.41.camel@bert.mlan.solnet.ch>
next in thread | previous in thread | raw e-mail | index | archive | help
--45Z9DzgjV8m4Oswq Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, May 20, 2005 at 08:46:50AM +0200, Thomas Vogt wrote: > Hello >=20 > I'm a bit confused about the "tcp time stamp validation bug" mentioned > in the http://www.kb.cert.org/vuls/id/637934 advisory. FreeBSD has fixed > this issue in -current (2005-04-10) and in RELENG_5 (2005-04-19).=20 >=20 > Is this also already fixed in 5.4? The CVS ID for tcp_input.c does not > look like this. But I'm not sure. >=20 Unfortunately the fix wasn't merged back to RELENG_5_4 during the release process. I have written a mail to the security team (see thread on net@), hopefully they will merge this back soon. - Christian --=20 Christian Brueffer chris@unixpages.org brueffer@FreeBSD.org GPG Key: http://people.freebsd.org/~brueffer/brueffer.key.asc GPG Fingerprint: A5C8 2099 19FF AACA F41B B29B 6C76 178C A0ED 982D --45Z9DzgjV8m4Oswq Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (FreeBSD) iD8DBQFCjdYubHYXjKDtmC0RAhlMAKDGYOiyHB8FtYdeewFLesBCIJenVQCg/BME HR12SDvBnJZfh8ntF3jFpJI= =2ezG -----END PGP SIGNATURE----- --45Z9DzgjV8m4Oswq--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050520122102.GA1065>