On Monday 29 August 2016 12:11:27 Perry E. Metzger wrote: > On Mon, 29 Aug 2016 11:55:03 +0100 Tixy <t...@yxit.co.uk> wrote: > > On Sun, 2016-08-28 at 15:36 -0400, Perry E. Metzger wrote: > > > On Sun, 28 Aug 2016 14:35:01 +0200 Frederic Marchal > > > > [...] > > > > > > Even if the requirements are met, the attack fails if the > > > > client is protected by a stateful firewall (either on a NAT > > > > router, modem or computer). > > > > > > So essentially no smartphones are protected, > > > > In my experience, devices on mobile phone networks don't have > > public IP addresses, > > Not true, and certainly not universally true. Indeed, more and more > now have v6 addresses as well as v4. Regardless, it makes no > difference as you can still attack the devices in spite of the NAT. > > I don't get why everyone wants to argue that a problem that is known > to be bad and is fixed in the kernel versions released by the kernel > maintainers should be ignored. > > Perry
I concur. Normally security things are pushed right on thru particularly when they are a one file changed in the whole kernel source tree. Why not this time? Cheers, Gene Heskett -- "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Howdershelt (Author) Genes Web page <http://geneslinuxbox.net:6309/gene>