From owner-freebsd-security@FreeBSD.ORG Wed Jan 28 21:19:17 2015 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 7ADF8E32 for ; Wed, 28 Jan 2015 21:19:17 +0000 (UTC) Received: from mx.ams1.isc.org (mx.ams1.isc.org [IPv6:2001:500:60::65]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "*.isc.org", Issuer "RapidSSL CA" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 3B9FD6A for ; Wed, 28 Jan 2015 21:19:17 +0000 (UTC) Received: from zmx1.isc.org (zmx1.isc.org [149.20.0.20]) by mx.ams1.isc.org (Postfix) with ESMTP id 2FAB21FCB1C; Wed, 28 Jan 2015 21:19:12 +0000 (UTC) Received: from zmx1.isc.org (localhost [127.0.0.1]) by zmx1.isc.org (Postfix) with ESMTP id 37AB0160068; Wed, 28 Jan 2015 21:25:52 +0000 (UTC) Received: from rock.dv.isc.org (c122-106-252-81.belrs3.nsw.optusnet.com.au [122.106.252.81]) by zmx1.isc.org (Postfix) with ESMTPSA id 072FC16005A; Wed, 28 Jan 2015 21:25:52 +0000 (UTC) Received: from rock.dv.isc.org (localhost [IPv6:::1]) by rock.dv.isc.org (Postfix) with ESMTP id 80082283DA18; Thu, 29 Jan 2015 08:19:10 +1100 (EST) To: marquis@roble.com From: Mark Andrews References: <20150128194011.2175B19F@hub.freebsd.org> Subject: Re: FreeBSD Security Advisory FreeBSD-SA-15:02.kmem In-reply-to: Your message of "Wed, 28 Jan 2015 11:39:20 -0800." <20150128194011.2175B19F@hub.freebsd.org> Date: Thu, 29 Jan 2015 08:19:10 +1100 Message-Id: <20150128211910.80082283DA18@rock.dv.isc.org> X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,T_RP_MATCHES_RCVD autolearn=ham autolearn_force=no version=3.4.0 X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on mx.ams1.isc.org Cc: freebsd-security@freebsd.org X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 28 Jan 2015 21:19:17 -0000 In message <20150128194011.2175B19F@hub.freebsd.org>, "Roger Marquis" writes: > >> If SCTP is NOT compiled in the kernel, are you still vulnerable ? > > > > No -- we should have mentioned that too. For GENERIC kernel however > > SCTP is compiled in. > > Should probably fix that too, in GENERIC, considering how little used this > protocol is. It is not used much because there is not critical mass and you want to reduce what little there is out there? It is a good thing that it is in GENERIC. Mark > Roger Marquis > > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka@isc.org