Hi! > There are two set of patches: > - yours that basically keep the same behavior as pre-CVE-2015-8543 (proto=0) I just desperately tried to get my cluster going again... ;-)
> - Amitay's that restore the intented behavior (proto=255) [...] > I think I'll got for Amitay's patch which probably fixes a lot of > weird behaviors I've seen pre-CVE-2015-8543 (i.e TCP connections not > reset, Ip not properly relocated). This is -- of course -- the way better approach! > I plan to fix this for wheezy and jessie. stretch will come with next > upstream release. > > Givent the importance of the bug, I think it can go thru -security. I think so too -- especially as it is some kind of regression. Thank you very much for taking care of this! -- Adi
signature.asc
Description: Digital signature
