aboutsummaryrefslogtreecommitdiffstats
path: root/UPDATING
diff options
context:
space:
mode:
authorBruce M Simpson <bms@FreeBSD.org>2003-09-23 16:54:39 +0000
committerBruce M Simpson <bms@FreeBSD.org>2003-09-23 16:54:39 +0000
commit545e713f93c5fdc915aea11ede9e90e0b01c773c (patch)
treeea30c92683c15b98f493ec1bf48217c0b8ccc0f4 /UPDATING
parent068214ed63f14fb6153542156c7bd38e48cbf632 (diff)
downloadsrc-545e713f93c5fdc915aea11ede9e90e0b01c773c.tar.gz
src-545e713f93c5fdc915aea11ede9e90e0b01c773c.zip
Fix a bug in arplookup(), whereby a hostile party on a locally
attached network could exhaust kernel memory, and cause a system panic, by sending a flood of spoofed ARP requests. Approved by: security-officer, jake (mentor) Reported by: Apple Product Security <product-security@apple.com>
Notes
Notes: svn path=/releng/4.4/; revision=120385
Diffstat (limited to 'UPDATING')
-rw-r--r--UPDATING5
1 files changed, 5 insertions, 0 deletions
diff --git a/UPDATING b/UPDATING
index f85518baf358..047fe05ffc6a 100644
--- a/UPDATING
+++ b/UPDATING
@@ -17,6 +17,11 @@ minimal number of processes, if possible, for that patch. For those
updates that don't have an advisory, or to be safe, you can do a full
build and install as described in the COMMON ITEMS section.
+20030923: p43 FreeBSD-SA-03:14.arp
+ Fix a bug in arplookup(), whereby a hostile party on a locally
+ attached network could exhaust kernel memory, and cause a system
+ panic, by sending a flood of spoofed ARP requests.
+
20030917: p42 FreeBSD-SA-03:13.sendmail
Fix another address parsing buffer overflow.