he is real ... but from the Linux side :)
but maybe the second troll of the thread.
I cannot imagine anyone being that ignorant.
Sent with ProtonMail Secure Email.
‐‐‐ Original Message ‐‐‐
On Friday, 30 October 2020 13:36, Florian Obser wrote:
> On Fri, Oct 30, 2020 at 11:58:41AM
we battered the IETF, and even government interest, on this for years back in
late 2007, and beyond ... any remember IPv5? :)
IPv6 is a massive security risk in so many ways.
No real NAT so you are distributed into the worldwide even if billions of
addresses there is no protection.
There
Am Fr., 30. Okt. 2020 um 13:36 Uhr schrieb Florian Obser :
> On Fri, Oct 30, 2020 at 11:58:41AM +0100, Martin Schröder wrote:
> > I'd much prefer that the project adopted a" v6 first, vintage ip
> > second" approach.
> > But I'm not a dev.
>
> ... you are saying if you were a dev things would be
On Fri, Oct 30, 2020 at 11:58:41AM +0100, Martin Schröder wrote:
> Am Fr., 30. Okt. 2020 um 11:54 Uhr schrieb Denis Fondras
> :
> > Please, fix your tweet. The default install answer for IPv6 is 'none'.
>
> This borders on "switch off v6 for security reasons", which would be just
> wrong.
On Fri, Oct 30, 2020 at 11:15:31AM +0100, js-openbsd-m...@webkeks.org wrote:
| What about link-local IPv6? That's active by default, isn't it?
It is not. You need to enable IPv6 on an interface to get a
link-local address on it, only the loopback interface is special in
this sense that it gets
On Fri, Oct 30, 2020 at 11:58:41AM +0100, Martin Schröder wrote:
> Am Fr., 30. Okt. 2020 um 11:54 Uhr schrieb Denis Fondras
> :
> > Please, fix your tweet. The default install answer for IPv6 is 'none'.
>
> This borders on "switch off v6 for security reasons", which would be just
> wrong.
>
>
Am Fr., 30. Okt. 2020 um 11:54 Uhr schrieb Denis Fondras :
> Please, fix your tweet. The default install answer for IPv6 is 'none'.
This borders on "switch off v6 for security reasons", which would be just wrong.
I'd much prefer that the project adopted a" v6 first, vintage ip
second" approach.
On Fri, Oct 30, 2020 at 11:36:33AM +0100, js-openbsd-m...@webkeks.org wrote:
> To close this thread, I found this:
> https://twitter.com/m00nbsd/status/1321524807473782784
>
Please, fix your tweet. The default install answer for IPv6 is 'none'.
> Honestly, as one of the devs involved with this security fix, I can tell
> you that I don't know. It is a use-after-free in some situations.
> Is it reachable from remote? I don't know.
> Is it reachable from local? Maybe.
> Is the use-after-free exploitable? Damn hard to tell, it is for sure
On Fri, Oct 30, 2020 at 11:15:31AM +0100, js-openbsd-m...@webkeks.org wrote:
> > Am 30.10.2020 um 01:28 schrieb Theo de Raadt :
> >
> > js-openbsd-m...@webkeks.org wrote:
> >
> >> I just saw
> >> https://ftp.openbsd.org/pub/OpenBSD/patches/6.8/common/002_icmp6.patch.sig,
> >> however, it's
To close this thread, I found this:
https://twitter.com/m00nbsd/status/1321524807473782784
> Am 30.10.2020 um 11:15 schrieb js-openbsd-m...@webkeks.org:
>
>> Am 30.10.2020 um 01:28 schrieb Theo de Raadt :
>>
>> js-openbsd-m...@webkeks.org wrote:
>>
>>> I just saw
>>>
> Am 30.10.2020 um 01:28 schrieb Theo de Raadt :
>
> js-openbsd-m...@webkeks.org wrote:
>
>> I just saw
>> https://ftp.openbsd.org/pub/OpenBSD/patches/6.8/common/002_icmp6.patch.sig,
>> however, it's unclear from the description and the context around the
>> patch if this is a read after free or
js-openbsd-m...@webkeks.org wrote:
> I just saw
> https://ftp.openbsd.org/pub/OpenBSD/patches/6.8/common/002_icmp6.patch.sig,
> however, it's unclear from the description and the context around the
> patch if this is a read after free or write after free (or both).
I think it is fair you can
Hi!
I just saw
https://ftp.openbsd.org/pub/OpenBSD/patches/6.8/common/002_icmp6.patch.sig,
however, it's unclear from the description and the context around the patch if
this is a read after free or write after free (or both).
In the case of a write after free, would this change "Only two
14 matches
Mail list logo