[Pkg-samba-maint] Bug#813406: Bug#813406: ctdb, raw sockets and CVE-2015-8543

Adi Kriegisch adi at kriegisch.at
Wed Feb 3 21:18:44 UTC 2016


Hi!

> There are two set of patches:
> - yours that basically keep the same behavior as pre-CVE-2015-8543 (proto=0)
I just desperately tried to get my cluster going again... ;-)

> - Amitay's that restore the intented behavior (proto=255)
[...] 
> I think I'll got for Amitay's patch which probably fixes a lot of
> weird behaviors I've seen pre-CVE-2015-8543 (i.e TCP connections not
> reset, Ip not properly relocated).
This is -- of course -- the way better approach!

> I plan to fix this for wheezy and jessie. stretch will come with next
> upstream release.
> 
> Givent the importance of the bug, I think it can go thru -security.
I think so too -- especially as it is some kind of regression.

Thank you very much for taking care of this!

-- Adi
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 827 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-samba-maint/attachments/20160203/959d666a/attachment.sig>


More information about the Pkg-samba-maint mailing list