Fix a bug in arplookup(), whereby a hostile party on a locally

attached network could exhaust kernel memory, and cause a system panic, by sending a flood of spoofed ARP requests. Approved by: jake (mentor) Reported by: Apple Product Security <product-security@apple.com>
author: bms <bms@FreeBSD.org> 2003-09-23 16:39:31 +0000
committer: bms <bms@FreeBSD.org> 2003-09-23 16:39:31 +0000
commit: 3d68723716bfa0987b31777ec7ab2c4cb4bd7030 (patch)
tree: 39b365ca4e6e45f1b4ba32e515175fab4b7f374e /UPDATING
parent: 9957f857c4e5ca3260e0cffadbf68c55f72fa332 (diff)
download: FreeBSD-src-3d68723716bfa0987b31777ec7ab2c4cb4bd7030.zip
FreeBSD-src-3d68723716bfa0987b31777ec7ab2c4cb4bd7030.tar.gz
1 files changed, 6 insertions, 0 deletions
diff --git a/UPDATING b/UPDATING
index 92b0467..608152f 100644
--- a/UPDATING
+++ b/UPDATING
@@ -17,6 +17,12 @@ NOTE TO PEOPLE WHO THINK THAT 5.0-CURRENT IS SLOW:
 	developers choose to disable these features on build machines
 	to maximize performance.
 
+20030923:
+	Fix a bug in arplookup(), whereby a hostile party on a locally
+	attached network could exhaust kernel memory, and cause a system 
+	panic, by sending a flood of spoofed ARP requests. See
+	FreeBSD-SA-03:14.arp.
+
 20030915:
 	A change to /etc/defaults/rc.conf now causes inetd to be started
 	with `-C 60' if it is not overridden in /etc/rc.conf.  This
author	bms <bms@FreeBSD.org>	2003-09-23 16:39:31 +0000
committer	bms <bms@FreeBSD.org>	2003-09-23 16:39:31 +0000
commit	3d68723716bfa0987b31777ec7ab2c4cb4bd7030 (patch)
tree	39b365ca4e6e45f1b4ba32e515175fab4b7f374e /UPDATING
parent	9957f857c4e5ca3260e0cffadbf68c55f72fa332 (diff)
download	FreeBSD-src-3d68723716bfa0987b31777ec7ab2c4cb4bd7030.zip FreeBSD-src-3d68723716bfa0987b31777ec7ab2c4cb4bd7030.tar.gz