Bug#559107: weaknesses in BSD PRNG algorithms

2009-12-04 Thread Florian Weimer
* Petr Salinger:
> If I understand it correctly, the security problem is
> "it allows remote attackers to guess sensitive values such as IP
> fragmentation IDs by observing a sequence of previously generated
> values".
> By default, the next_value is previous_value+1, i.e. unsecure at all.
> It ca

Bug#559107: weaknesses in BSD PRNG algorithms

2009-12-04 Thread Petr Salinger
If I understand it correctly, this means that the fix is present in kfreebsd-8, but not kfreebsd-7? Yes. Not having it enabled by default seems good enough to me. If I understand it correctly, the security problem is "it allows remote attackers to guess sensitive values such as IP fragmenta

Bug#559107: weaknesses in BSD PRNG algorithms

2009-12-03 Thread Moritz Muehlenhoff
severity 559107 normal
thanks

On Thu, Dec 03, 2009 at 02:01:06PM +0100, Petr Salinger wrote:
> severity 559107 important
> --
>
> >But the status of CVE-2008-114[678] is still open. Do they affect the
> >KFreeBSD port? What's the position of the FreeBSD kernel developers on
> >these issues?
> >

Processed: Re: Bug#559107: weaknesses in BSD PRNG algorithms

2009-12-03 Thread Debian Bug Tracking System
Processing commands for cont...@bugs.debian.org:
> severity 559107 normal
Bug #559107 [kfreebsd-7] weaknesses in BSD PRNG algorithms
Severity set to 'normal' from 'important'
> thanks
Stopping processing here.
Please contact me if you need assistance.
Debian bug tracking system administrator (a

Processed: Re: Bug#559107: weaknesses in BSD PRNG algorithms

2009-12-03 Thread Debian Bug Tracking System
Processing commands for cont...@bugs.debian.org:
> severity 559107 important
Bug #559107 [kfreebsd-7] weaknesses in BSD PRNG algorithms
Severity set to 'important' from 'grave'
> --
Stopping processing here.
Please contact me if you need assistance.
Debian bug tracking system administrator (adm

Bug#559107: weaknesses in BSD PRNG algorithms

2009-12-03 Thread Petr Salinger
severity 559107 important -- But the status of CVE-2008-114[678] is still open. Do they affect the KFreeBSD port? What's the position of the FreeBSD kernel developers on these issues? I used as description this http://www.trusteer.com/docs/OpenBSD_DNS_Cache_Poisoning_and_Multiple_OS_Predictab