There was meant to be an announcement on v7 at the recent MUM but that did not occur. I've dropped our IPv6 just in case - Wasn't in use yet anyway luckily.
On Fri, Mar 29, 2019 at 11:17 AM Mike Everest <[email protected]> wrote: > On the point of “the fix is in v7” > > > > That kind of statement is usually code for “it’s a kernel issue” since the > major version number of RouterOS has (so far) related to linux kernel > revision. Therefore, if that is the official position on this problem, > then there may be some logical conclusions that might be drawn: > > > > 1. Maybe this can’t be fixed in current routerOS v6.xx > > 2. Maybe other OS based on linux kernel may also be affected > > > > Pure conjecture from me, of course – despite the relatively ‘close’ > relationship that we have with MikroTik, we are not much better informed > than everyone else when it comes to this sort of thing :-} > > Cheers! > > Mike. > > > > *From:* AusNOG [mailto:[email protected]] *On Behalf Of *Rob > Thomas > *Sent:* Friday, 29 March 2019 10:50 AM > *To:* Cameron Murray <[email protected]> > *Cc:* <[email protected]> <[email protected]> > *Subject:* Re: [AusNOG] Mikrotik IPv6 Vulnerability - Must Read if you > have Public IPv6 Facing Mikrotik > > > > Quick summary of the problem: > > > > * From the description it appears to be a kernel-level issue - when a > MikroTik device receives a magic IPv6 packet, it will panic. > > * MikroTik have known about it for almost a year, and have not fixed it. > > * It is not fixed in the latest 6.44.1 image > > * The discoverer has been trying to practice responsible disclosure, but > has given up > > > > Further things: > > * MikroTik HAVE acknowledged it in a new thread a couple of hours ago > > https://forum.mikrotik.com/viewtopic.php?f=2&t=147048#p723696 > > * Twitter thread from the guy who discovered it: > > https://twitter.com/maznu/status/1110910688623513601 > > * There's a comment 'The fix is in v7' - theres a long running joke that > v7 will never emerge (it probably never will, they've lost most of their > senior engineers, and refuse to open source their code to leverage their > developers in the community) > > > > I guess the good thing for me is that Nexium still can't provide us IPv6 > so we're kinda safe up here 8) > > > > --Rob > > > > > > On Fri, 29 Mar 2019 at 09:25, Cameron Murray <[email protected]> > wrote: > > Guys, > > > > This has just popped up on the Mikrotik forums that I am sure many on the > list need to be aware of. > > > > If you run Mikrotik in your network and have IPv6 on a Public facing > interface please check the following link: > https://forum.mikrotik.com/viewtopic.php?t=147076 > > > > Cheers > > > > Cameron > > _______________________________________________ > AusNOG mailing list > [email protected] > http://lists.ausnog.net/mailman/listinfo/ausnog > >
_______________________________________________ AusNOG mailing list [email protected] http://lists.ausnog.net/mailman/listinfo/ausnog
