From owner-cvs-all@FreeBSD.ORG  Wed Jun 29 21:42:33 2005
Return-Path: <owner-cvs-all@FreeBSD.ORG>
X-Original-To: cvs-all@FreeBSD.org
Delivered-To: cvs-all@FreeBSD.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 7B1BD16A41C;
	Wed, 29 Jun 2005 21:42:33 +0000 (GMT)
	(envelope-from simon@FreeBSD.org)
Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 65E3D43D1F;
	Wed, 29 Jun 2005 21:42:33 +0000 (GMT)
	(envelope-from simon@FreeBSD.org)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
	by repoman.freebsd.org (8.13.1/8.13.1) with ESMTP id j5TLgXla046812;
	Wed, 29 Jun 2005 21:42:33 GMT
	(envelope-from simon@repoman.freebsd.org)
Received: (from simon@localhost)
	by repoman.freebsd.org (8.13.1/8.13.1/Submit) id j5TLgXBa046811;
	Wed, 29 Jun 2005 21:42:33 GMT (envelope-from simon)
Message-Id: <200506292142.j5TLgXBa046811@repoman.freebsd.org>
From: "Simon L. Nielsen" <simon@FreeBSD.org>
Date: Wed, 29 Jun 2005 21:42:33 +0000 (UTC)
To: src-committers@FreeBSD.org, cvs-src@FreeBSD.org, cvs-all@FreeBSD.org
X-FreeBSD-CVS-Branch: RELENG_5_3
Cc: 
Subject: cvs commit: src UPDATING src/contrib/bzip2 bzip2.c bzlib.c
 compress.c decompress.c huffman.c src/sys/conf newvers.sh
 src/sys/netinet tcp_input.c tcp_seq.h
X-BeenThere: cvs-all@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: CVS commit messages for the entire tree <cvs-all.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-all>,
	<mailto:cvs-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/cvs-all>
List-Post: <mailto:cvs-all@freebsd.org>
List-Help: <mailto:cvs-all-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-all>,
	<mailto:cvs-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 29 Jun 2005 21:42:33 -0000

simon       2005-06-29 21:42:33 UTC

  FreeBSD src repository (doc,ports committer)

  Modified files:        (Branch: RELENG_5_3)
    .                    UPDATING 
    contrib/bzip2        bzip2.c bzlib.c compress.c decompress.c 
                         huffman.c 
    sys/conf             newvers.sh 
    sys/netinet          tcp_input.c tcp_seq.h 
  Log:
  Correct bzip2 denial of service and permission race vulnerabilities.
  
  Obtained from:  Redhat, Steve Grubb via RedHat
  Security:       CAN-2005-0953, CAN-2005-1260
  Security:       FreeBSD-SA-05:14.bzip2
  Approved by:    obrien
  
  Correct TCP connection stall denial-of-service vulnerabilities.
  
  MFC: rev 1.270 of tcp_input.c, rev 1.25 of tcp_seq.h by ps: When a TCP
  packets containing a timestamp is received, inadequate checking of
  sequence numbers is performed, allowing an attacker to artificially
  increase the internal "recent" timestamp for a connection.
  
  A TCP packets with the SYN flag set is accepted for established
  connections, allowing an attacker to overwrite certain TCP options.
  
  Security:       CAN-2005-0356, CAN-2005-2068
  Security:       FreeBSD-SA-05:15.tcp
  
  Approved by:    so (cperciva)
  
  Revision         Changes    Path
  1.342.2.13.2.20  +5 -0      src/UPDATING
  1.1.1.2.10.1     +34 -9     src/contrib/bzip2/bzip2.c
  1.1.1.2.10.1     +37 -14    src/contrib/bzip2/bzlib.c
  1.1.1.2.10.1     +7 -5      src/contrib/bzip2/compress.c
  1.1.1.2.10.1     +11 -5     src/contrib/bzip2/decompress.c
  1.1.1.2.10.1     +18 -1     src/contrib/bzip2/huffman.c
  1.62.2.15.2.22   +1 -1      src/sys/conf/newvers.sh
  1.252.4.1        +24 -4     src/sys/netinet/tcp_input.c
  1.22.4.1         +1 -0      src/sys/netinet/tcp_seq.h