Commit Graph

6 Commits

Author SHA1 Message Date
Xin LI
577cb6d743 Resolve conflicts. 2008-03-20 02:56:24 +00:00
Xin LI
555470d474 bzip2.c: SA-05:14.bzip2 has been resolved by the author
in a different way.  Make the file just the same as it
is in the vendor branch to make it easier for future
upgrade.
2007-03-28 07:45:41 +00:00
Simon L. B. Nielsen
0a389eab22 Fix ipfw packet matching errors with address tables.
The ipfw tables lookup code caches the result of the last query.  The
kernel may process multiple packets concurrently, performing several
concurrent table lookups.  Due to an insufficient locking, a cached
result can become corrupted that could cause some addresses to be
incorrectly matched against a lookup table.

Submitted by:	ru
Reviewed by:	csjp, mlaier
Security:	CAN-2005-2019
Security:	FreeBSD-SA-05:13.ipfw

Correct bzip2 permission race condition vulnerability.

Obtained from:	Steve Grubb via RedHat
Security:	CAN-2005-0953
Security:	FreeBSD-SA-05:14.bzip2
Approved by:	obrien

Correct TCP connection stall denial of service vulnerability.

A TCP packets with the SYN flag set is accepted for established
connections, allowing an attacker to overwrite certain TCP options.

Submitted by:	Noritoshi Demizu
Reviewed by:	andre, Mohan Srinivasan
Security:	CAN-2005-2068
Security:	FreeBSD-SA-05:15.tcp

Approved by:	re (security blanket), cperciva
2005-06-29 21:36:49 +00:00
David E. O'Brien
f7a4f99f70 Virgin import (trimmed) of Bzip2 version 1.0.3. 2005-05-16 18:31:55 +00:00
Maxim Sobolev
ed14b6e01a Virgin import (trimmed) of Bzip2 version 1.0.2 2002-02-01 16:28:01 +00:00
David E. O'Brien
df9de0eba1 Virgin import (trimmed) of Bzip2 version 1.0.1. 2001-06-21 18:37:17 +00:00