diff options
author | Bruce M Simpson <bms@FreeBSD.org> | 2003-09-23 16:54:39 +0000 |
---|---|---|
committer | Bruce M Simpson <bms@FreeBSD.org> | 2003-09-23 16:54:39 +0000 |
commit | 86b3a2088e55810222fb765837135fd098a9b936 (patch) | |
tree | f834664aedd6bc7a6029a20dd2cbae8da0867cd2 /UPDATING | |
parent | a3fd61e4f548f156e9b3750877a3a98a1b7e3fc9 (diff) | |
download | src-86b3a2088e55810222fb765837135fd098a9b936.tar.gz src-86b3a2088e55810222fb765837135fd098a9b936.zip |
Fix a bug in arplookup(), whereby a hostile party on a locally
attached network could exhaust kernel memory, and cause a system
panic, by sending a flood of spoofed ARP requests.
Approved by: security-officer, jake (mentor)
Reported by: Apple Product Security <product-security@apple.com>
Notes
Notes:
svn path=/releng/4.3/; revision=120385
Diffstat (limited to 'UPDATING')
-rw-r--r-- | UPDATING | 5 |
1 files changed, 5 insertions, 0 deletions
@@ -16,6 +16,11 @@ minimal number of processes, if possible, for that patch. For those updates that don't have an advisory, or to be safe, you can do a full build and install as described in the COMMON ITEMS section. +20030923: p39 FreeBSD-SA-03:14.arp + Fix a bug in arplookup(), whereby a hostile party on a locally + attached network could exhaust kernel memory, and cause a system + panic, by sending a flood of spoofed ARP requests. + 20030917: p38 FreeBSD-SA-03:13.sendmail Fix another address parsing buffer overflow. |