aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorXin LI <delphij@FreeBSD.org>2015-08-05 22:05:24 +0000
committerXin LI <delphij@FreeBSD.org>2015-08-05 22:05:24 +0000
commit4ca6726079235a9db843a8a68e1da516d0960102 (patch)
treecd0746f6f2a7dc12f7d52203f4d72409d32c132c
parentfd0d21b4fd3336f5c478ad0c85756ad4641c3519 (diff)
Notes
Diffstat
-rw-r--r--UPDATING4
-rw-r--r--sbin/routed/input.c6
-rw-r--r--sys/conf/newvers.sh2
3 files changed, 11 insertions, 1 deletions
diff --git a/UPDATING b/UPDATING
index c5a3881171b7..7d95b1d5c5b6 100644
--- a/UPDATING
+++ b/UPDATING
@@ -11,6 +11,10 @@ handbook:
Items affecting the ports and packages system can be found in
/usr/ports/UPDATING. Please read that file before running portupgrade.
+20150805: p22 FreeBSD-SA-15:19.routed
+
+ Fix routed remote denial of service vulnerability.
+
20150728: p21 FreeBSD-SA-15:15.tcp
FreeBSD-SA-15:16.openssh
FreeBSD-SA-15:17.bind
diff --git a/sbin/routed/input.c b/sbin/routed/input.c
index aaef37c6885f..6fc5529aed42 100644
--- a/sbin/routed/input.c
+++ b/sbin/routed/input.c
@@ -160,6 +160,12 @@ input(struct sockaddr_in *from, /* received from this IP address */
trace_rip("Recv", "from", from, sifp, rip, cc);
+ if (sifp == 0) {
+ trace_pkt(" discard a request from an indirect router"
+ " (possibly an attack)");
+ return;
+ }
+
if (rip->rip_vers == 0) {
msglim(&bad_router, FROM_NADDR,
"RIP version 0, cmd %d, packet received from %s",
diff --git a/sys/conf/newvers.sh b/sys/conf/newvers.sh
index 658f8a57cc7a..97f3fe8d0d24 100644
--- a/sys/conf/newvers.sh
+++ b/sys/conf/newvers.sh
@@ -32,7 +32,7 @@
TYPE="FreeBSD"
REVISION="9.3"
-BRANCH="RELEASE-p21"
+BRANCH="RELEASE-p22"
if [ "X${BRANCH_OVERRIDE}" != "X" ]; then
BRANCH=${BRANCH_OVERRIDE}
fi
generated by cgit v1.3 (git 2.53.0) at 2026-04-21 03:23:03 +0000