Re: FreeBSD Security Advisory FreeBSD-SA-14:08.tcp

看板FB_security作者時間11年前 (2014/05/02 03:32), 編輯推噓0(000)
留言0則, 0人參與, 最新討論串9/21 (看更多)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 05/01/14 05:19, Bob Bishop wrote: > Hi, > >> From: Kevin Day <toasty@dragondata.com> To: >> freebsd-security@freebsd.org Subject: Re: FreeBSD Security >> Advisory FreeBSD-SA-14:08.tcp >> >>> Affects: All supported versions of FreeBSD. Corrected: >>> 2014-04-30 04:04:20 UTC (stable/8, 8.4-STABLE) 2014-04-30 >>> 04:05:47 UTC (releng/8.4, 8.4-RELEASE-p9) 2014-04-30 04:05:47 >>> UTC (releng/8.3, 8.3-RELEASE-p16) 2014-04-30 04:04:20 UTC >>> (stable/9, 9.2-STABLE) 2014-04-30 04:05:47 UTC (releng/9.2, >>> 9.2-RELEASE-p5) 2014-04-30 04:05:47 UTC (releng/9.1, >>> 9.1-RELEASE-p12) 2014-04-30 04:03:05 UTC (stable/10, >>> 10.0-STABLE) 2014-04-30 04:04:42 UTC (releng/10.0, >>> 10.0-RELEASE-p2) >> >> Does anyone know the lower bound for how far back this bug >> exists? Is it only present in the above versions, or does it >> affect earlier versions that aren?t listed? >> >> (trying to come up with a deployment plan for some servers stuck >> on 8.1 and 7.x due to vendors abandoning device drivers) > > Just looked at this, 8.1 and 7.x don't have the optimisation using > the stack so they are unaffected. Yes. The affected code was introduced in r226113 (Oct 7, 2011). Note that the original change is not an "optimization" but a fix to prevent a denial of service situation. Cheers, - -- Xin LI <delphij@delphij.net> https://www.delphij.net/ FreeBSD - The Power to Serve! Live free or die -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (FreeBSD) iQIcBAEBCgAGBQJTYpqvAAoJEJW2GBstM+nsrtAP/jcbSTn8JhZNHz2dcDACS9wL 5zX3num5bdl9DtQQz2Ulw6KTteSvgxNX2p6FlM97F/2j7SeiBVGPviXDqaA3fjVq 8yS/VrLeJrH0tllAYGv//d0Em72NH5e219j5ov2pgivB3IdQEsNWY9A6uECBqYtY PlUsnX7RJDDTeO+n33y2hZdeD8+YRbfrebD0hTDURcViZB6XF7BEXWWPGXF8spBM 38Dk/OisDaxctm0ZQ03WoKTeCD0vyQCFbFk7ZHlkxa4Q4125PHWwsEstoiRtqShr YQEM/38ZmYp2baAp4lm3qix2mkudN+LsU15jTNvvAug4bVaLs6V6yjMhFllQdCQA rdp21t0eXXJXH6KwzCXP31yw6PyjH9aES71HfgMfwZ9P9kYyqzp29PvFkijg7mw6 LX4H15XO7Y5cEkwIPoIGJNymttBJPwIlQ1M2tT95GT6II5Z3bjIZ6tQjMJQlVFP4 ZKa0T48oqlCR4AsCzXCpPQpoBw628YYZGhq1Akh9B35WUlXD+b1ezqd4GYmdgnDM 6KEMfz1oaCb7mKtMHqzY2MTXuDCC9yTVUwsk676TICi3OD+r9h990BKxIPRocB8h zpOoG2QuesStY+L/pVzOAaWN05wlS/zl7LDLpt5MDCR5DRnwS89lGcJfbEyFJM/z nmIDyekGCTTPQ16zgGMW =gilP -----END PGP SIGNATURE----- _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
更多 delphij. 的文章
文章代碼(AID): #1JOg4oPt (FB_security)
討論串 (同標題文章)
完整討論串 (本文為第 9 之 21 篇):
排序: 最新先 | 最舊先 | 留言數
在新視窗開啟完整討論串 (共21篇)
更多 delphij. 的文章
文章代碼(AID): #1JOg4oPt (FB_security)