Is the "tcp time stamp validation issue" fixed in 5.4?
Christian Brueffer
chris at unixpages.org
Fri May 20 12:22:15 GMT 2005
On Fri, May 20, 2005 at 08:46:50AM +0200, Thomas Vogt wrote:
> Hello
>
> I'm a bit confused about the "tcp time stamp validation bug" mentioned
> in the http://www.kb.cert.org/vuls/id/637934 advisory. FreeBSD has fixed
> this issue in -current (2005-04-10) and in RELENG_5 (2005-04-19).
>
> Is this also already fixed in 5.4? The CVS ID for tcp_input.c does not
> look like this. But I'm not sure.
>
Unfortunately the fix wasn't merged back to RELENG_5_4 during the
release process. I have written a mail to the security team (see thread
on net@), hopefully they will merge this back soon.
- Christian
--
Christian Brueffer chris at unixpages.org brueffer at FreeBSD.org
GPG Key: http://people.freebsd.org/~brueffer/brueffer.key.asc
GPG Fingerprint: A5C8 2099 19FF AACA F41B B29B 6C76 178C A0ED 982D
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-security/attachments/20050520/9480177f/attachment.bin
More information about the freebsd-security
mailing list