Re: FreeBSD Security Advisory FreeBSD-SA-07:03.ipv6
- From: Kris Kennaway <kris@xxxxxxxxxxxxxx>
- Date: Mon, 30 Apr 2007 20:48:44 -0400
On Mon, Apr 30, 2007 at 09:15:42PM +0200, Michael Nottebrock wrote:
On Sunday, 29. April 2007, Eugene Grosbein wrote:
On Sat, Apr 28, 2007 at 05:34:33PM -0400, Peter Thoenen wrote:
Umm maybe its just but I fail to see why this is a security advisory
(initially caught this on the OBSD list). You are following the RFC ..
if you don't like "evil" packets, then drop them at the firewall or
router layer ... don't see the need for an OS fix.
Design flow in the RFC still may be security vulnerability, doesn't it?
The last "fix" for a IPv6 design flaw contributed by OpenBSD (disable
IPv4-mapped IPv6 addresses by default) caused rather unpleasant side-effects
in a number of applications. Will this change have similar effects? I've
gathered by now that in OpenBSD there is little concern for such things.
This functionality required by RFC 2460 appears to be completely
unused by any RFC.
Kris
_______________________________________________
freebsd-security@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"
- References:
- Re: FreeBSD Security Advisory FreeBSD-SA-07:03.ipv6
- From: Michael Nottebrock
- Re: FreeBSD Security Advisory FreeBSD-SA-07:03.ipv6
- Prev by Date: Re: FreeBSD Security Advisory FreeBSD-SA-07:03.ipv6
- Next by Date: Anybody may fix samba and php in frozen ports ?
- Previous by thread: Re: FreeBSD Security Advisory FreeBSD-SA-07:03.ipv6
- Next by thread: Anybody may fix samba and php in frozen ports ?
- Index(es):
Relevant Pages
|
