Bug#639426: Changes from longterm 188.8.131.52
On Sat, 2011-08-27 at 04:18 +0100, Ben Hutchings wrote:
> 263b893 net: Compute protocol sequence numbers and fragment IDs using MD5.
> Fixes cryptographic weakness that allows blind spoofing of TCP/IP
> packets (i.e. the attacker does not need access to a switch or router
> between the connection endpoints). This may allow privilege escalation
> or denial of service, depending on the protocols and authentication
> schemes used by a targetted system.
This is CVE-2011-3188, and will be included in 2.6.32-35squeeze1.