From owner-cvs-src@FreeBSD.ORG Wed Jun 29 21:45:14 2005 Return-Path: X-Original-To: cvs-src@FreeBSD.org Delivered-To: cvs-src@FreeBSD.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C84F916A41C; Wed, 29 Jun 2005 21:45:14 +0000 (GMT) (envelope-from simon@FreeBSD.org) Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id A09E243D53; Wed, 29 Jun 2005 21:45:14 +0000 (GMT) (envelope-from simon@FreeBSD.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.13.1/8.13.1) with ESMTP id j5TLjEmY047110; Wed, 29 Jun 2005 21:45:14 GMT (envelope-from simon@repoman.freebsd.org) Received: (from simon@localhost) by repoman.freebsd.org (8.13.1/8.13.1/Submit) id j5TLjEoZ047109; Wed, 29 Jun 2005 21:45:14 GMT (envelope-from simon) Message-Id: <200506292145.j5TLjEoZ047109@repoman.freebsd.org> From: "Simon L. Nielsen" Date: Wed, 29 Jun 2005 21:45:14 +0000 (UTC) To: src-committers@FreeBSD.org, cvs-src@FreeBSD.org, cvs-all@FreeBSD.org X-FreeBSD-CVS-Branch: RELENG_4_11 Cc: Subject: cvs commit: src UPDATING src/contrib/bzip2 bzip2.c bzlib.c compress.c decompress.c huffman.c src/sys/conf newvers.sh src/sys/netinet tcp_input.c tcp_seq.h X-BeenThere: cvs-src@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: CVS commit messages for the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 29 Jun 2005 21:45:14 -0000 simon 2005-06-29 21:45:14 UTC FreeBSD src repository (doc,ports committer) Modified files: (Branch: RELENG_4_11) . UPDATING contrib/bzip2 bzip2.c bzlib.c compress.c decompress.c huffman.c sys/conf newvers.sh sys/netinet tcp_input.c tcp_seq.h Log: Correct bzip2 denial of service and permission race vulnerabilities. Obtained from: Redhat, Steve Grubb via RedHat Security: CAN-2005-0953, CAN-2005-1260 Security: FreeBSD-SA-05:14.bzip2 Approved by: obrien Correct TCP connection stall denial-of-service vulnerabilities. MFC: rev 1.270 of tcp_input.c, rev 1.25 of tcp_seq.h by ps: When a TCP packets containing a timestamp is received, inadequate checking of sequence numbers is performed, allowing an attacker to artificially increase the internal "recent" timestamp for a connection. A TCP packets with the SYN flag set is accepted for established connections, allowing an attacker to overwrite certain TCP options. Security: CAN-2005-0356, CAN-2005-2068 Security: FreeBSD-SA-05:15.tcp Approved by: so (cperciva) Revision Changes Path 1.73.2.91.2.12 +5 -0 src/UPDATING 1.1.1.1.2.2.12.1 +34 -9 src/contrib/bzip2/bzip2.c 1.1.1.1.2.2.12.1 +37 -14 src/contrib/bzip2/bzlib.c 1.1.1.1.2.2.12.1 +7 -5 src/contrib/bzip2/compress.c 1.1.1.1.2.2.12.1 +11 -5 src/contrib/bzip2/decompress.c 1.1.1.1.2.2.12.1 +18 -1 src/contrib/bzip2/huffman.c 1.44.2.39.2.15 +1 -1 src/sys/conf/newvers.sh 1.107.2.41.4.3 +24 -4 src/sys/netinet/tcp_input.c 1.11.2.7.8.1 +1 -0 src/sys/netinet/tcp_seq.h