New errata: IPsec bugs. Source material for this errata note was...

Submitted by: Bjoern A. Zeeb < bzeeb at Zabbadoz dot NeT >
2004-01-21 17:03:13 +00:00 · 2004-01-21 17:03:13 +00:00 · e14bbf3fc5
commit e14bbf3fc5
parent ec76705497
1 changed files with 14 additions and 0 deletions
--- a/release/doc/en_US.ISO8859-1/errata/article.sgml
+++ b/release/doc/en_US.ISO8859-1/errata/article.sgml
@ -233,6 +233,20 @@
      system password file.  Users are strongly urged to upgrade to
      version 3.1.4_1 of this port/package.</para>

+    <para>(21 Jan 2004) Some bugs in the IPsec implementation imported
+      from the KAME Project can result in memory objects being freed
+      before all references to them were removed.  Reported symptoms
+      include erratic behavior or kernel panics after flushing the
+      Security Policy Database (SPD).  Some of these problems have
+      been fixed in &os; &release.current; in rev. 1.31 of
+      <filename>src/sys/netinet6/ipsec.c</filename>, rev. 1.136 of
+      <filename>src/sys/netinet/in_pcb.c</filename>, and revs. 1.63
+      and 1.64 of <filename>src/sys/netkey/key.c</filename>.  More
+      information about these problems has been posted to the
+      &a.current;, in particular the thread entitled <ulink 
+      url="http://lists.freebsd.org/pipermail/freebsd-current/2004-January/thread.html#18084">
+      <quote>[PATCH] IPSec fixes</quote></ulink>.</para>
+
 ]]>

  </sect1>