Package: src:kfreebsd-10 Version: 10.1~svn274115-2 Severity: grave Tags: security upstream patch
Hi, A remote DoS was reported in FreeBSD's IGMP packet handling: https://www.freebsd.org/security/advisories/FreeBSD-SA-15:04.igmp.asc This affects all our kfreebsd-8, -9, -10 and -11 packages. I don't know yet if this can be exploited over the public Internet or only on a local network segment. As a mitigation, the PF firewall can probably be configured to block 'proto igmp' packets before the kernel processes them. -- System Information: Debian Release: jessie/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'stable') Architecture: kfreebsd-amd64 (x86_64) Kernel: kFreeBSD 9.0-2-amd64-xenhvm-ipsec Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- To UNSUBSCRIBE, email to debian-bsd-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20150225113739.61121.55795.report...@sid.kfreebsd-amd64.pyro.eu.org
