Date: Fri, 13 Dec 2002 13:12:39 +0300 From: Solar Designer <solar@...nwall.com> To: Steve G <linux_4ever@...oo.com> Cc: "Dmitry V. Levin" <ldv@...linux.org>, xvendor@...ts.openwall.com Subject: Re: [Fwd: [RHSA-2002:196-09] Updated xinetd packages fix denial of service vulnerability] Hi Steve, Perhaps you're aware of whether this is fixed in development versions and what the fix was? On Fri, Dec 13, 2002 at 03:15:33AM +0300, Dmitry V. Levin wrote: > On Thu, Dec 05, 2002 at 05:09:08PM -0500, Ryan Cleary wrote: > > On 4 Dec 2002, Dan Rowles wrote: > [...] > > Red Hat is using the "epoch" field in the RPM metadata to allow you to > > automatically "upgrade" (or freshen) from 2.3.9 (epoch 1) back to 2.3.7 > > (epoch 2). > > > > They rolled back to 2.3.7 because 2.3.9 was leaving stale TCP connections > > in the CLOSE_WAIT state, according to their bugzilla database: > > http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=76146 for more info. > > There is a real problem with hanging file descriptors which makes 2.3.9 > unusable on production servers (just tested on ftp.altlinux.com). > > More over, xinetd passes these hundreds of descriptors to spawned children. :( > > Any ideas? > > > -- > ldv -- /sd
Powered by blists - more mailing lists
Please check out the xvendor mailing list charter.