Hello I'm a bit confused about the "tcp time stamp validation bug" mentioned in the http://www.kb.cert.org/vuls/id/637934 advisory. FreeBSD has fixed this issue in -current (2005-04-10) and in RELENG_5 (2005-04-19). Is this also already fixed in 5.4? The CVS ID for tcp_input.c does not look like this. But I'm not sure. Regards, Thomas
Christian Brueffer
2005-May-20 05:23 UTC
Is the "tcp time stamp validation issue" fixed in 5.4?
On Fri, May 20, 2005 at 08:46:50AM +0200, Thomas Vogt wrote:> Hello > > I'm a bit confused about the "tcp time stamp validation bug" mentioned > in the http://www.kb.cert.org/vuls/id/637934 advisory. FreeBSD has fixed > this issue in -current (2005-04-10) and in RELENG_5 (2005-04-19). > > Is this also already fixed in 5.4? The CVS ID for tcp_input.c does not > look like this. But I'm not sure. >Unfortunately the fix wasn't merged back to RELENG_5_4 during the release process. I have written a mail to the security team (see thread on net@), hopefully they will merge this back soon. - Christian -- Christian Brueffer chris@unixpages.org brueffer@FreeBSD.org GPG Key: http://people.freebsd.org/~brueffer/brueffer.key.asc GPG Fingerprint: A5C8 2099 19FF AACA F41B B29B 6C76 178C A0ED 982D -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 187 bytes Desc: not available Url : http://lists.freebsd.org/pipermail/freebsd-security/attachments/20050520/9480177f/attachment.bin