Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 23 Sep 2003 13:07:06 -0700 (PDT)
From:      Bruce M Simpson <bms@FreeBSD.org>
To:        src-committers@FreeBSD.org, cvs-src@FreeBSD.org, cvs-all@FreeBSD.org
Subject:   cvs commit: src UPDATING src/sys/netinet if_ether.c src/sys/conf newvers.sh
Message-ID:  <200309232007.h8NK76dt061532@repoman.freebsd.org>

next in thread | raw e-mail | index | archive | help
bms         2003/09/23 13:07:06 PDT

  FreeBSD src repository

  Modified files:        (Branch: RELENG_5_0)
    .                    UPDATING 
    sys/netinet          if_ether.c 
    sys/conf             newvers.sh 
  Log:
  Fix a bug in arplookup(), whereby a hostile party on a locally
  attached network could exhaust kernel memory, and cause a system
  panic, by sending a flood of spoofed ARP requests.
  
  Approved by:    security-officer, jake (mentor)
  Reported by:    Apple Product Security <product-security@apple.com>
  
  Revision    Changes    Path
  1.229.2.21  +5 -0      src/UPDATING
  1.48.2.16   +1 -1      src/sys/conf/newvers.sh
  1.96.2.1    +14 -6     src/sys/netinet/if_ether.c



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200309232007.h8NK76dt061532>