diff options
| author | Bruce M Simpson <bms@FreeBSD.org> | 2003-09-23 16:54:39 +0000 |
|---|---|---|
| committer | Bruce M Simpson <bms@FreeBSD.org> | 2003-09-23 16:54:39 +0000 |
| commit | 545e713f93c5fdc915aea11ede9e90e0b01c773c (patch) | |
| tree | ea30c92683c15b98f493ec1bf48217c0b8ccc0f4 /UPDATING | |
| parent | 068214ed63f14fb6153542156c7bd38e48cbf632 (diff) | |
| download | src-545e713f93c5fdc915aea11ede9e90e0b01c773c.tar.gz src-545e713f93c5fdc915aea11ede9e90e0b01c773c.zip | |
Fix a bug in arplookup(), whereby a hostile party on a locally
attached network could exhaust kernel memory, and cause a system
panic, by sending a flood of spoofed ARP requests.
Approved by: security-officer, jake (mentor)
Reported by: Apple Product Security <product-security@apple.com>
Notes
Notes:
svn path=/releng/4.4/; revision=120385
Diffstat (limited to 'UPDATING')
| -rw-r--r-- | UPDATING | 5 |
1 files changed, 5 insertions, 0 deletions
@@ -17,6 +17,11 @@ minimal number of processes, if possible, for that patch. For those updates that don't have an advisory, or to be safe, you can do a full build and install as described in the COMMON ITEMS section. +20030923: p43 FreeBSD-SA-03:14.arp + Fix a bug in arplookup(), whereby a hostile party on a locally + attached network could exhaust kernel memory, and cause a system + panic, by sending a flood of spoofed ARP requests. + 20030917: p42 FreeBSD-SA-03:13.sendmail Fix another address parsing buffer overflow. |