FreeBSD Security Advisory FreeBSD-SA-07:03.ipv6
Michael Nottebrock
lofi at freebsd.org
Tue May 1 00:27:06 UTC 2007
On Sunday, 29. April 2007, Eugene Grosbein wrote:
> On Sat, Apr 28, 2007 at 05:34:33PM -0400, Peter Thoenen wrote:
> > Umm maybe its just but I fail to see why this is a security advisory
> > (initially caught this on the OBSD list). You are following the RFC ..
> > if you don't like "evil" packets, then drop them at the firewall or
> > router layer ... don't see the need for an OS fix.
>
> Design flow in the RFC still may be security vulnerability, doesn't it?
The last "fix" for a IPv6 design flaw contributed by OpenBSD (disable
IPv4-mapped IPv6 addresses by default) caused rather unpleasant side-effects
in a number of applications. Will this change have similar effects? I've
gathered by now that in OpenBSD there is little concern for such things.
--
,_, | Michael Nottebrock | lofi at freebsd.org
(/^ ^\) | FreeBSD - The Power to Serve | http://www.freebsd.org
\u/ | K Desktop Environment on FreeBSD | http://freebsd.kde.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-security/attachments/20070501/916e9026/attachment.pgp
More information about the freebsd-security
mailing list