Date: Wed, 29 Jul 2015 14:49:14 -0400 From: Patrick Kelsey <pkelsey@freebsd.org> To: Shawn Webb <shawn.webb@hardenedbsd.org> Cc: svn-src-all@freebsd.org, svn-src-head@freebsd.org, src-committers@freebsd.org Subject: Re: svn commit: r286027 - in head/sys: netinet sys Message-ID: <CAD44qMWz4MUKhhGZ-x%2BOhqs_uAmaydn%2BNL0iFvLFhjaz_AGPJg@mail.gmail.com> In-Reply-To: <1544505.mLGqfis2xi@hbsd-dev-laptop> References: <201507291759.t6THxEZ2061562@repo.freebsd.org> <1544505.mLGqfis2xi@hbsd-dev-laptop>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Jul 29, 2015 at 2:43 PM, Shawn Webb <shawn.webb@hardenedbsd.org> wrote: > On Wednesday, 29 July 2015 05:59:14 PM Patrick Kelsey wrote: > > Author: pkelsey > > Date: Wed Jul 29 17:59:13 2015 > > New Revision: 286027 > > URL: https://svnweb.freebsd.org/changeset/base/286027 > > > > Log: > > Revert r265338, r271089 and r271123 as those changes do not handle > > non-inline urgent data and introduce an mbuf exhaustion attack vector > > similar to FreeBSD-SA-15:15.tcp, but not requiring VNETs. > > > > Address the issue described in FreeBSD-SA-15:15.tcp. > > > > Reviewed by: glebius > > Approved by: so > > Approved by: jmallett (mentor) > > Security: FreeBSD-SA-15:15.tcp > > Sponsored by: Norse Corp, Inc. > > Does this commit need to be MFC'd to stable/10? Or is this only for HEAD? > The reverted revisions were only on HEAD after stable/10 was created and never MFC'd. stable/10 only required the fix for FreeBSD-SA-15:15.tcp, which was committed in r285976. -Patrick
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAD44qMWz4MUKhhGZ-x%2BOhqs_uAmaydn%2BNL0iFvLFhjaz_AGPJg>