From owner-freebsd-current Thu Oct 29 02:10:51 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id CAA02388 for freebsd-current-outgoing; Thu, 29 Oct 1998 02:10:51 -0800 (PST) (envelope-from owner-freebsd-current@FreeBSD.ORG) Received: from nlsystems.com (nlsys.demon.co.uk [158.152.125.33]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id CAA02368 for ; Thu, 29 Oct 1998 02:10:44 -0800 (PST) (envelope-from dfr@nlsystems.com) Received: from herring.nlsystems.com (herring.nlsystems.com [10.0.0.2]) by nlsystems.com (8.9.1/8.8.5) with SMTP id KAA28723; Thu, 29 Oct 1998 10:11:24 GMT Date: Thu, 29 Oct 1998 10:11:24 +0000 (GMT) From: Doug Rabson To: Alexander Sanda cc: freebsd-current@FreeBSD.ORG Subject: Re: Nestea fix on 3.0-* In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Wed, 28 Oct 1998, Alexander Sanda wrote: > > Hi > > I have running some systems, which I recently upgraded to 3.0-RELEASE. > Everything is running fine, but I would feel more comfortable with a > kernel not vulnerable to the Nestea (sp?) attack. > > So is it safe, to install a -current kernel on a 3.0-RELEASE system ? I > mainly ask, because I noticed a lot of changes under src/sys recently. > > Or should I only checkout netinet/ip_input.c and recompile the kernel ? For what its worth, the change to ip_input.c has no dependencies (as far as I know) to any other recent kernel changes. You can safely update this one file. -- Doug Rabson Mail: dfr@nlsystems.com Nonlinear Systems Ltd. Phone: +44 181 951 1891 Fax: +44 181 381 1039 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message