VIMAGE + pf security fix?
Bjoern A. Zeeb
bz at FreeBSD.org
Fri Nov 21 10:52:14 UTC 2014
On 21 Nov 2014, at 08:06 , Craig Rodrigues <rodrigc at FreeBSD.org> wrote:
> On Thu, Nov 20, 2014 at 10:07 AM, Craig Rodrigues <rodrigc at freebsd.org>
>> On Wed, Nov 19, 2014 at 6:05 AM, Bjoern A. Zeeb <bz at freebsd.org> wrote:
>>> For people to use pf with VIMAGE we first MUST have the security fix
>>> imported that I pointed out a couple of times in the past.
>> At this link: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3830
>> I see the security issue mentioned, but I can't find the patch that fixes
>> the problem.
>> Where is the patch?
> I read this link:
> and I think this is the fix:
> but I can’t even apply that patch to our pf_ioctl.c.
to my best knowledge we have never pulled a fix for this in. The last “sync” of pf was way before that vulnerability (unless I completely missed something).
Bjoern A. Zeeb "Come on. Learn, goddamn it.", WarGames, 1983
More information about the freebsd-virtualization