On Tue, 23 Nov 2010 03:52:28 +0000 Ben Hutchings <[email protected]> wrote:
> Recent review has revealed several bugs in obscure protocol > implementations that can be exploited by local users for denial of > service or privilege escalation. > > The econet protocol (PF_ECONET) is unmaintained. There appear to be > no published applications for it, and it has never progressed beyond > 'experimental' status. > > This protocol generally should not be enabled by distributions, since > the cost of a security flaw affecting all installed systems presumably > outweighs the benefit to the few (if any) legitimate users. > > Signed-off-by: Ben Hutchings <[email protected]> This I agree with. Probably the Arcnet devices as well. Most distro's don't enable it anyway. -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/20101122203236.029c8...@nehalam
