On Tue, Nov 06, 2007 at 08:08:35AM -0800, Randy Bush wrote: > it is alleged that rh0 is processed in 6.2 (< > http://www.6journal.org/archive/00000284/01/IPv6_RH_security-csw07.pdf>). > is this true. is rh0 processed in 7 and -current?
6.2-RELEASE with no patches does process rh0 like basicly every other IPv6 capable system released when it was. If you run 6.2-RELEASE with patches it does not unless the sysctl net.inet6.ip6.rthdr0_allowed is enabled. I believe the functionality was removed in from HEAD and thus was never in RELENG_7. http://security.freebsd.org/advisories/FreeBSD-SA-07:03.ipv6.asc -- Brooks
pgpI9Syhbp278.pgp
Description: PGP signature
