Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.carno.net.au!harbinger.cc.monash.edu.au!news.mel.connect.com.au!munnari.OZ.AU!spool.mu.edu!newspump.sol.net!howland.erols.net!news.mathworks.com!uunet!in3.uu.net!omega.metrics.com!omega.metrics.com!not-for-mail
From: polk@BSDI.COM
Newsgroups: comp.unix.bsd.bsdi.announce
Subject: BSDI: New official patches for BSD/OS 2.1
Followup-To: comp.unix.bsd.bsdi.misc
Date: 29 Oct 1996 21:05:35 -0500
Organization: Software Metrics Inc.
Lines: 89
Sender: tomh@omega.metrics.com
Approved: tomh@metrics.com
Message-ID: <556d5f$67s@omega.metrics.com>
NNTP-Posting-Host: omega.metrics.com
There are several new patches available from the patches
server or via the ftp archive at;
ftp://ftp.bsdi.com/bsdi/patches/patches-2.1
All of the README file entries are appended at the bottom of this
message. The patches are K210-024, U210-027, and U210-028.
The kernel patch (K210-024) enhances the recent K210-021 and K210-022
networking patches (see the README entry below for more info).
The two utilities patches update sendmail to version 8.8.2 to fix
misc. security problems in previous versions (U210-027) and close
a buffer overflow hole in lpr which could allow local users to gain
root access (U210-028). An exploitation script for the lpr hole
was recently posted to the bsdi-users mailing list.
Jeff
--
/\ Jeff Polk Berkeley Software Design, Inc. (BSDI)
/\/ \ polk@BSDI.COM 5575 Tech Center Dr. #110, Colo Spgs, CO 80919
===================================================================
PATCH:
K210-024
SUMMARY:
This patch enhances the K210-021 and K210-022 patches.
IP fragmentation:
o Setting "sysctl -w net.inet.ip.maxfragpackets=0"
will now cause all IP fragments to be dropped.
o Setting "sysctl -w net.inet.ip.maxfragpackets=-1"
will effectively remove the limit.
o If maxfragpackets is reduced, the fragment queue
will now be trimmed back to the new, lower limit,
rather than waiting for fragments to time out.
TCP SYN caching:
o Receiving an ICMP Unreachable or a RST for a cached
connection will now remove that cached entry.
o We no longer send out the Timestamps or Scale option
if we receive a SYN without any TCP options, and the
MAXSEG value is now filled in correctly (it was byte
swapped).
o When turning around the TCP packet for the SYN,ACK,
make sure we have space for the TCP options, and if
not, make some space.
md5 checksum: d7dfc8b6c528ab18f4a10aa572eda1b8 K210-024
===================================================================
PATCH:
U210-027
SUMMARY:
This patch updates sendmail to the official 8.8.2 release which
fixes some security problems from previous versions.
md5 checksum: 6aa1980f928fdc0cf3e7ec4204e54e2c U210-027
===================================================================
PATCH:
U210-028
SUMMARY:
This patch fixes a buffer overflow problem which can allow
local users to gain root access. This problem has received
press recently via Bugtraq, and an exploitation script was
recently posted to bsdi-users.
md5 checksum: 2afffb5ac46465a9aa51a7573c8ce639 U210-028
===================================================================
--
[ /tom haapanen -- tomh@metrics.com -- software metrics inc -- waterloo, ont ]
[ "walk a straight line through a cow pasture, and you'll step ]
[ in some cow pies, but you'll get where you are going." -- joe kidd ]