Date: Tue, 03 Sep 2024 18:30:38 +0000 From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 280701] FreeBSD-SA-24:05 fix breaks ICMP/ICMP6 states handling in pf firewall (ping, traceroute) Message-ID: <bug-280701-7501-JoURegshvs@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-280701-7501@https.bugs.freebsd.org/bugzilla/> References: <bug-280701-7501@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D280701 --- Comment #67 from Franco Fichtner <franco@opnsense.org> --- There are some open release engineering questions in this thread, lack of professionalism discarding a problem that was later fixed without comment aside. Doing the least bit of rectifying the previous behaviour would be a = good start to a useful discussion on the subject. The first and foremost question is how this was tested and verified? Was the researcher involved in all steps? The commits don't have a "Reviewed by" or "Tested by" either. Is this normal now? Does release engineering not assess the risk of spreading an SA fix over 4 commits with about 500 LOC changed introducing new features while at it? Th= at then grew to 6 commits, with 10 commits at the moment. It's a classic scope creep that should be avoided on releases at all cost. The test coverage was= n't there to make an educated choice either. Why is the fake id portion of the original OpenBSD patch omitted? At least https://github.com/openbsd/src/commit/49f39043a02d is still missin= g. Can anyone comment on why one would think that we should try to get away wi= th the least bit of commits here when we can clearly see all the related probl= ems were seen and handled in OpenBSD in the meantime? Why does nobody ask the reporters here to test this again? Why are the insi= ghts given by reporters brushed off? You can clearly see where the problem started given that nobody cares answe= ring these questions. TLDR: SO should do this again, please, but RE shouldn't. Cheers, Franco --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-280701-7501-JoURegshvs>