K 10
svn:author
V 7
rwatson
K 8
svn:date
V 27
2001-02-04T05:48:59.000000Z
K 7
svn:log
V 816
A recent commit (1.131.2.13) removed the security fix associated with
FreeBSD-SA-01:08, breaking the "established" TCP matching flag even
more than it was prior to the security advisory.  Reinstate the fix by
restoring the conditional assocated with entering tcpflg_match().

Reported by a number of people via send-pr, security-officer,
et al., including:

  Steven Farmer <steve@megahack.com>
  Bernd Luevelsmeyer <bdluevel@heitec.net>
  Andrew Gordon <arg@arg1.demon.co.uk>

Thanks to those people for bringing this to our attention in such a
timely manner.  An updated advisory and/or announcement to the
freebsd-stable mailing list will be forthcoming, once all parties have
confirmed that this resolves the problems they were experiencing.

PR:		24833
Approved by:	security-officer
Slap on the wrist to:	luigi

END