Date: Wed, 28 Jan 2015 15:09:13 -0800 From: "Roger Marquis" <marquis@roble.com> To: "Mark Andrews" <marka@isc.org> Cc: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-15:02.kmem In-Reply-To: <20150128211910.80082283DA18@rock.dv.isc.org> References: <mailman.92.1422446402.71362.freebsd-security@freebsd.org> <20150128194011.2175B19F@hub.freebsd.org> <20150128211910.80082283DA18@rock.dv.isc.org>
| previous in thread | raw e-mail | index | archive | help
>> >> If SCTP is NOT compiled in the kernel, are you still vulnerable ? >> > >> > No -- we should have mentioned that too. For GENERIC kernel however >> > SCTP is compiled in. >> >> Should probably fix that too, in GENERIC, considering how little used this >> protocol is. > > It is not used much because there is not critical mass and you want > to reduce what little there is out there? It is a good thing that > it is in GENERIC. While this isn't the place to enumerate the issues with SCTP (beyond the recent advisories) I hope we're not putting anything in the GENERIC kernel for advocacy purposes. Cannot the few who want to use it simply compile their own kernel? Roger
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?>