-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 05/01/14 05:19, Bob Bishop wrote: > Hi, > >> From: Kevin Day <[email protected]> To: >> [email protected] Subject: Re: FreeBSD Security >> Advisory FreeBSD-SA-14:08.tcp >> >>> Affects: All supported versions of FreeBSD. Corrected: >>> 2014-04-30 04:04:20 UTC (stable/8, 8.4-STABLE) 2014-04-30 >>> 04:05:47 UTC (releng/8.4, 8.4-RELEASE-p9) 2014-04-30 04:05:47 >>> UTC (releng/8.3, 8.3-RELEASE-p16) 2014-04-30 04:04:20 UTC >>> (stable/9, 9.2-STABLE) 2014-04-30 04:05:47 UTC (releng/9.2, >>> 9.2-RELEASE-p5) 2014-04-30 04:05:47 UTC (releng/9.1, >>> 9.1-RELEASE-p12) 2014-04-30 04:03:05 UTC (stable/10, >>> 10.0-STABLE) 2014-04-30 04:04:42 UTC (releng/10.0, >>> 10.0-RELEASE-p2) >> >> Does anyone know the lower bound for how far back this bug >> exists? Is it only present in the above versions, or does it >> affect earlier versions that aren?t listed? >> >> (trying to come up with a deployment plan for some servers stuck >> on 8.1 and 7.x due to vendors abandoning device drivers) > > Just looked at this, 8.1 and 7.x don't have the optimisation using > the stack so they are unaffected. Yes. The affected code was introduced in r226113 (Oct 7, 2011). Note that the original change is not an "optimization" but a fix to prevent a denial of service situation. Cheers, - -- Xin LI <[email protected]> https://www.delphij.net/ FreeBSD - The Power to Serve! Live free or die -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (FreeBSD) iQIcBAEBCgAGBQJTYpqvAAoJEJW2GBstM+nsrtAP/jcbSTn8JhZNHz2dcDACS9wL 5zX3num5bdl9DtQQz2Ulw6KTteSvgxNX2p6FlM97F/2j7SeiBVGPviXDqaA3fjVq 8yS/VrLeJrH0tllAYGv//d0Em72NH5e219j5ov2pgivB3IdQEsNWY9A6uECBqYtY PlUsnX7RJDDTeO+n33y2hZdeD8+YRbfrebD0hTDURcViZB6XF7BEXWWPGXF8spBM 38Dk/OisDaxctm0ZQ03WoKTeCD0vyQCFbFk7ZHlkxa4Q4125PHWwsEstoiRtqShr YQEM/38ZmYp2baAp4lm3qix2mkudN+LsU15jTNvvAug4bVaLs6V6yjMhFllQdCQA rdp21t0eXXJXH6KwzCXP31yw6PyjH9aES71HfgMfwZ9P9kYyqzp29PvFkijg7mw6 LX4H15XO7Y5cEkwIPoIGJNymttBJPwIlQ1M2tT95GT6II5Z3bjIZ6tQjMJQlVFP4 ZKa0T48oqlCR4AsCzXCpPQpoBw628YYZGhq1Akh9B35WUlXD+b1ezqd4GYmdgnDM 6KEMfz1oaCb7mKtMHqzY2MTXuDCC9yTVUwsk676TICi3OD+r9h990BKxIPRocB8h zpOoG2QuesStY+L/pVzOAaWN05wlS/zl7LDLpt5MDCR5DRnwS89lGcJfbEyFJM/z nmIDyekGCTTPQ16zgGMW =gilP -----END PGP SIGNATURE----- _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[email protected]"