Module Name: src
Committed By: martin
Date: Thu May 3 15:02:57 UTC 2018
Modified Files:
src/doc [netbsd-6-0]: CHANGES-6.0.7
Log Message:
Tickets #1546 and #1547
To generate a diff of this commit:
cvs rdiff -u -r1.1.2.142 -r1.1.2.143 src/doc/CHANGES-6.0.7
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/doc/CHANGES-6.0.7
diff -u src/doc/CHANGES-6.0.7:1.1.2.142 src/doc/CHANGES-6.0.7:1.1.2.143
--- src/doc/CHANGES-6.0.7:1.1.2.142 Wed Apr 18 07:20:17 2018
+++ src/doc/CHANGES-6.0.7 Thu May 3 15:02:57 2018
@@ -1,4 +1,4 @@
-# $NetBSD: CHANGES-6.0.7,v 1.1.2.142 2018/04/18 07:20:17 msaitoh Exp $
+# $NetBSD: CHANGES-6.0.7,v 1.1.2.143 2018/05/03 15:02:57 martin Exp $
A complete list of changes from the NetBSD 6.0.6 release to the NetBSD 6.0.7
release:
@@ -15459,3 +15459,16 @@ sys/netipsec/ipsec_mbuf.c 1.23-1.24
Don't assume M_PKTHDR is set only on the first mbuf of the chain.
Fix a pretty bad mistake (IPsec DoS).
[maxv, ticket #1545]
+
+sys/netipsec/ipsec_output.c 1.67,1.75 (patch)
+
+ compute_ipsec_pos: strengthen checks to avoid overruns,
+ allow the function to fail (and drop the misformed packet).
+ [maxv, ticket #1546]
+
+sys/kern/uipc_mbuf.c 1.211
+
+ Modify m_defrag, so that it never frees the first mbuf of
+ the chain.
+ [maxv, ticket #1547]
+
