svn commit: r286027 - in head/sys: netinet sys
Patrick Kelsey
pkelsey at freebsd.org
Wed Jul 29 18:49:15 UTC 2015
On Wed, Jul 29, 2015 at 2:43 PM, Shawn Webb <shawn.webb at hardenedbsd.org>
wrote:
> On Wednesday, 29 July 2015 05:59:14 PM Patrick Kelsey wrote:
> > Author: pkelsey
> > Date: Wed Jul 29 17:59:13 2015
> > New Revision: 286027
> > URL: https://svnweb.freebsd.org/changeset/base/286027
> >
> > Log:
> > Revert r265338, r271089 and r271123 as those changes do not handle
> > non-inline urgent data and introduce an mbuf exhaustion attack vector
> > similar to FreeBSD-SA-15:15.tcp, but not requiring VNETs.
> >
> > Address the issue described in FreeBSD-SA-15:15.tcp.
> >
> > Reviewed by: glebius
> > Approved by: so
> > Approved by: jmallett (mentor)
> > Security: FreeBSD-SA-15:15.tcp
> > Sponsored by: Norse Corp, Inc.
>
> Does this commit need to be MFC'd to stable/10? Or is this only for HEAD?
>
The reverted revisions were only on HEAD after stable/10 was created and
never MFC'd. stable/10 only required the fix for FreeBSD-SA-15:15.tcp,
which was committed in r285976.
-Patrick
More information about the svn-src-all
mailing list