>> >> If SCTP is NOT compiled in the kernel, are you still vulnerable ? >> > >> > No -- we should have mentioned that too. For GENERIC kernel however >> > SCTP is compiled in. >> >> Should probably fix that too, in GENERIC, considering how little used this >> protocol is. > > It is not used much because there is not critical mass and you want > to reduce what little there is out there? It is a good thing that > it is in GENERIC.
While this isn't the place to enumerate the issues with SCTP (beyond the recent advisories) I hope we're not putting anything in the GENERIC kernel for advocacy purposes. Cannot the few who want to use it simply compile their own kernel? Roger _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscr...@freebsd.org"
