VIMAGE + pf security fix?
Craig Rodrigues
rodrigc at FreeBSD.org
Fri Nov 21 08:07:00 UTC 2014
On Thu, Nov 20, 2014 at 10:07 AM, Craig Rodrigues <rodrigc at freebsd.org>
wrote:
> On Wed, Nov 19, 2014 at 6:05 AM, Bjoern A. Zeeb <bz at freebsd.org> wrote:
>
>>
>> For people to use pf with VIMAGE we first MUST have the security fix
>> imported that I pointed out a couple of times in the past.
>>
>
> At this link: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3830
>
> I see the security issue mentioned, but I can't find the patch that fixes
> the problem.
> Where is the patch?
>
I read this link:
http://esec-lab.sogeti.com/post/2010/12/09/CVE-2010-3830-iOS-4.2.1-packet-filter-local-kernel-vulnerability
and I think this is the fix:
http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys/net/pf_ioctl.c?rev=1.236&content-type=text/x-cvsweb-markup
but I can't even apply that patch to our pf_ioctl.c.
--
Craig
More information about the freebsd-virtualization
mailing list