Re: FreeBSD Security Advisory FreeBSD-SA-07:03.ipv6
--nextPart3660441.g4SKycOeRV
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
On Sunday, 29. April 2007, Eugene Grosbein wrote:
> On Sat, Apr 28, 2007 at 05:34:33PM -0400, Peter Thoenen wrote:
> > Umm maybe its just but I fail to see why this is a security advisory
> > (initially caught this on the OBSD list). You are following the RFC ..
> > if you don't like "evil" packets, then drop them at the firewall or
> > router layer ... don't see the need for an OS fix.
>
> Design flow in the RFC still may be security vulnerability, doesn't it?
The last "fix" for a IPv6 design flaw contributed by OpenBSD (disable=20
IPv4-mapped IPv6 addresses by default) caused rather unpleasant side-effect=
s=20
in a number of applications. Will this change have similar effects? I've=20
gathered by now that in OpenBSD there is little concern for such things.
=2D-=20
,_, | Michael Nottebrock | lofi@freebsd.org
(/^ ^\) | FreeBSD - The Power to Serve | http://www.freebsd.org
\u/ | K Desktop Environment on FreeBSD | http://freebsd.kde.org
--nextPart3660441.g4SKycOeRV
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (FreeBSD)
iD8DBQBGNkBfXhc68WspdLARAno7AJ4pkybUoYLRxAcTiH0K4KuOIkR0SwCfUHtS
oJaRPPqw1CRvahVwvUUG+YA=
=nSFo
-----END PGP SIGNATURE-----
--nextPart3660441.g4SKycOeRV--
討論串 (同標題文章)
完整討論串 (本文為第 4 之 5 篇):