diff options
author | ume <ume@FreeBSD.org> | 2001-06-11 18:21:31 +0000 |
---|---|---|
committer | ume <ume@FreeBSD.org> | 2001-06-11 18:21:31 +0000 |
commit | 87ca61a4b4459b608170b3891010ec4d51be1bbe (patch) | |
tree | fb879e68be9536ee019f0ecb4ef8a79b3309a30a /sys/contrib | |
parent | 4dbd2f66522fa8cf33eae5bc8d8b3279cb238293 (diff) | |
download | FreeBSD-src-87ca61a4b4459b608170b3891010ec4d51be1bbe.zip FreeBSD-src-87ca61a4b4459b608170b3891010ec4d51be1bbe.tar.gz |
This is force commit to mention about previous commit.
- (possible) remote kernel panic fix - out of bounds access on
ill-formed ipopt.
- strict boundary check on ipopt.
- make sure to enforce inbound IPsec policy on all final header.
- add missing ipcomp entry from ipprotosw.
- 127/8 must not appear on wire - RFC1122.
this is rather important as we use weak host model, so outsider
can abuse 127.0.0.1 from outside.
- introduce ipstat.ips_badaddr
- use ipsec_gethist() to prevent packet filters from looking at
decapulated packets.
- remove duplicate 127.0.0.0/8 checking.
Diffstat (limited to 'sys/contrib')
0 files changed, 0 insertions, 0 deletions