Date: Thu, 12 Apr 2001 05:33:34 +0200 (MEST) From: Harald Schmalzbauer <Harald.Schmalzbauer@gmx.de> To: stable@freebsd.org Subject: IP-Filter in release? Message-ID: <26505.987046414@www51.gmx.net>
next in thread | raw e-mail | index | archive | help
Hello all, since IP-Filter 3.4.16 has a serious security hole in it's fragment state cache, I'd love to see 3.4.17 in 4.3-release. Today there was an article in a very popular german newsticker (http://www.heise.de/newsticker/data/ju-11.04.01-000/) that somebody wrote a downloadable peace of code which generates that fragmented packets, so attacking is made easy to everybody. Right now I'm testing 3.4.17 on RC from today. I had to replace some osreldate.h to param.h but it compiled fine and is running so far without problems. I upgraded my 4.2-stable boxes earlier and it's also running fine. Perhaps Darren can commit it to 4.3? Greetings, -Harry -- GMX - Die Kommunikationsplattform im Internet. http://www.gmx.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?26505.987046414>