Your message dated Tue, 22 Mar 2005 19:54:48 +0900
with message-id <[EMAIL PROTECTED]>
and subject line Bug#295947: kernel-source-2.6.10: [CAN-2005-0449]
skb_checksum_help DoS
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 19 Feb 2005 09:45:11 +0000
>From [EMAIL PROTECTED] Sat Feb 19 01:45:11 2005
Return-path: <[EMAIL PROTECTED]>
Received: from krepost.taket.org (localhost) [82.233.235.217]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1D2RAk-0006vH-00; Sat, 19 Feb 2005 01:45:11 -0800
Received: from djoume by localhost with local (Exim 4.44)
id 1D26FI-0001xW-Tn; Fri, 18 Feb 2005 12:24:28 +0100
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Djoume SALVETTI <[EMAIL PROTECTED]>
To: Debian Bug Tracking System <[EMAIL PROTECTED]>
Subject: kernel-source-2.6.10: [CAN-2005-0449] skb_checksum_help DoS
X-Mailer: reportbug 3.7.1
Date: Fri, 18 Feb 2005 12:24:28 +0100
X-Debbugs-Cc: [EMAIL PROTECTED]
Message-Id: <[EMAIL PROTECTED]>
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-10.3 required=4.0 tests=BAYES_00,DATE_IN_PAST_12_24,
HAS_PACKAGE,X_DEBBUGS_CC autolearn=ham
version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
Package: kernel-source-2.6.10
Severity: normal
Good day,
>From CAN-2005-0449 :
| The netfilter/iptables module in Linux before 2.6.8.1 allows remote
| attackers to cause a denial of service (kernel crash) or bypass
| firewall rules via crafted packets, which are not properly handled by
| the skb_checksum_help function.
More info is available here :
http://oss.sgi.com/archives/netdev/2005-01/msg01036.html
I believe this CAN is bogus as 2.6.10 seems to be vulnerable.
A patch from Herbet Xu is available here :
http://oss.sgi.com/archives/netdev/2005-01/msg01072.html
Regards.
-- System Information:
Debian Release: 3.1
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: powerpc (ppc)
Kernel: Linux 2.6.9-rfb-swsusp
Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=ISO-8859-15)
---------------------------------------
Received: (at 295947-done) by bugs.debian.org; 22 Mar 2005 10:55:38 +0000
>From [EMAIL PROTECTED] Tue Mar 22 02:55:38 2005
Return-path: <[EMAIL PROTECTED]>
Received: from koto.vergenet.net [210.128.90.7]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1DDh2w-0001HI-00; Tue, 22 Mar 2005 02:55:38 -0800
Received: by koto.vergenet.net (Postfix, from userid 7100)
id 3751E34034; Tue, 22 Mar 2005 19:32:30 +0900 (JST)
Date: Tue, 22 Mar 2005 19:54:48 +0900
From: Horms <[EMAIL PROTECTED]>
To: Djoume SALVETTI <[EMAIL PROTECTED]>, [EMAIL PROTECTED]
Subject: Re: Bug#295947: kernel-source-2.6.10: [CAN-2005-0449]
skb_checksum_help DoS
Message-ID: <[EMAIL PROTECTED]>
References: <[EMAIL PROTECTED]>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <[EMAIL PROTECTED]>
X-Cluestick: seven
User-Agent: Mutt/1.5.6+20040907i
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
On Fri, Feb 18, 2005 at 12:24:28PM +0100, Djoume SALVETTI wrote:
> Package: kernel-source-2.6.10
> Severity: normal
>
>
> Good day,
>
> >From CAN-2005-0449 :
kernel-source-2.6.10 is being replaced by kernel-source-2.6.11,
and kernel-source-2.6.11 includes the fix for CAN-2005-0449.
http://oss.sgi.com/archives/netdev/2005-01/msg01048.html
http://oss.sgi.com/archives/netdev/2005-01/msg01104.html
It also includes the fix for CAN-2004-0201, which is the
fix you quoted in your bug report,
http://oss.sgi.com/archives/netdev/2005-01/msg01072.html
--
Horms
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
