Hey Juniper, If you're going to send out a security update on what is literally now a 10 year old issue (god I feel old), you should at least wait until Throwback Thursday. :)
2014-07 Security Bulletin: Junos: Denial of Service in TCP packet processing (CVE-2004-0230) Junos now implements the TCP robustness improvements outlined in Section 4 of RFC 5961. Junos will send an ACK in response to any SYN or RST flag received, irrespective of the sequence number. The following software releases have been updated to resolve this specific issue: Junos OS 11.4R11, 12.1R10, 12.1X44-D35, 12.1X45-D25, 12.1X46-D20, 12.1X47-D10, 12.2R8, 12.3R6, 13.1R4, 13.2R4, 13.3R2, 14.1R1, and all subsequent releases (i.e. all releases built after 14.1R1). -- Richard A Steenbergen <[email protected]> http://www.e-gerbil.net/ras GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC) _______________________________________________ juniper-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/juniper-nsp
