Re: FreeBSD Security Advisory FreeBSD-SA-07:03.ipv6

看板FB_security作者時間18年前 (2007/05/01 08:50), 編輯推噓0(000)
留言0則, 0人參與, 最新討論串5/5 (看更多)
On Mon, Apr 30, 2007 at 09:15:42PM +0200, Michael Nottebrock wrote: > On Sunday, 29. April 2007, Eugene Grosbein wrote: > > On Sat, Apr 28, 2007 at 05:34:33PM -0400, Peter Thoenen wrote: > > > Umm maybe its just but I fail to see why this is a security advisory > > > (initially caught this on the OBSD list). You are following the RFC .. > > > if you don't like "evil" packets, then drop them at the firewall or > > > router layer ... don't see the need for an OS fix. > > > > Design flow in the RFC still may be security vulnerability, doesn't it? > > The last "fix" for a IPv6 design flaw contributed by OpenBSD (disable > IPv4-mapped IPv6 addresses by default) caused rather unpleasant side-effects > in a number of applications. Will this change have similar effects? I've > gathered by now that in OpenBSD there is little concern for such things. This functionality required by RFC 2460 appears to be completely unused by any RFC. Kris _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
更多 kris. 的文章
文章代碼(AID): #16Dex800 (FB_security)
更多 kris. 的文章
文章代碼(AID): #16Dex800 (FB_security)