On 13.11.20 13:35, Adrian Schmutzler wrote:
-----Original Message-----
From: openwrt-devel [mailto:[email protected]]
On Behalf Of Josef Schlehofer
Sent: Freitag, 13. November 2020 09:33
To: [email protected]
Cc: Hauke Mehrtens <[email protected]>
Subject: [PATCH 19.07] kernel: Update kernel 4.14 to version 4.14.206
From: Hauke Mehrtens <[email protected]>
This is a security update as currently in OpenWrt 19.07, there is version
4.14.202 it means that it is vulnerable against vulnerability known as Sad DNS
(DNS cache poisoning). Since kernel 4.14.203, there is present mitigation to
this attack by randomizing ICMP global rate limit.
More details can be found here: https://www.saddns.net/
Compile and runtime tested on x86/64.
Also compile and run tested on all Turris devices (Turris 1.x - powerpc 8540,
Turris Omnia - mvebu/cortex-a9_vfpv3-d16, Turris MOX -
mvebu/aarch64_cortex-a53)
Signed-off-by: Hauke Mehrtens <[email protected]> (cherry picked from
commit 9cdc02be88d5c25791664b1baaf9a7c1a4382c95)
Signed-off-by: Josef Schlehofer <[email protected]> [added
commit message about run testing on Turris devices, added mention about
Sad DNS]
Did you just pick the patch or properly refresh patches again?
Best
Adrian
fwiw,
I took my .205 patch and bumped it again with .206
It's already in my staging tree and compile tests already executed.
Regards,
Koen
_______________________________________________
openwrt-devel mailing list
[email protected]
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
