r1284 - in trunk/kfreebsd-6/debian: . patches
Author: aurel32
Date: 2006-03-01 19:31:19 +0000 (Wed, 01 Mar 2006)
New Revision: 1284
Added:
trunk/kfreebsd-6/debian/patches/000_nfsserver.diff
Modified:
trunk/kfreebsd-6/debian/changelog
Log:
* Fix a remote denial of service in NFS server (FreeBSD-SA-06:10.nfs / CVE-2006-0900).
Modified: trunk/kfreebsd-6/debian/changelog
===================================================================
--- trunk/kfreebsd-6/debian/changelog 2006-03-01 19:18:46 UTC (rev 1283)
+++ trunk/kfreebsd-6/debian/changelog 2006-03-01 19:31:19 UTC (rev 1284)
@@ -40,6 +40,8 @@
- arch/amd64/em64t-p4.config: New. P4 config.
- patches/907_cpu_class.diff: Set hw.machine to "x86_64". This improves
compatibility with old config.sub scripts.
+ [ Aurelien Jarno ]
+ * Fix a remote denial of service in NFS server (FreeBSD-SA-06:10.nfs / CVE-2006-0900).
-- Robert Millan <rmh@aybabtu.com> Tue, 28 Feb 2006 12:42:18 +0100
Added: trunk/kfreebsd-6/debian/patches/000_nfsserver.diff
===================================================================
--- trunk/kfreebsd-6/debian/patches/000_nfsserver.diff 2006-03-01 19:18:46 UTC (rev 1283)
+++ trunk/kfreebsd-6/debian/patches/000_nfsserver.diff 2006-03-01 19:31:19 UTC (rev 1284)
@@ -0,0 +1,11 @@
+--- sys/nfsserver/nfs_srvsock.c 28 Jan 2006 19:24:40 -0000 1.96
++++ sys/nfsserver/nfs_srvsock.c 25 Feb 2006 21:27:10 -0000
+@@ -592,7 +592,7 @@
+ slp->ns_flag |= SLP_LASTFRAG;
+ else
+ slp->ns_flag &= ~SLP_LASTFRAG;
+- if (slp->ns_reclen > NFS_MAXPACKET) {
++ if (slp->ns_reclen > NFS_MAXPACKET || slp->ns_reclen <= 0) {
+ slp->ns_flag &= ~SLP_GETSTREAM;
+ return (EPERM);
+ }
Reply to: