Subject: ipf fix - how?
To: NetBSD Users <netbsd-users@netbsd.org>
From: Jukka Marin <jmarin@pyy.jmp.fi>
List: netbsd-users
Date: 04/09/2001 11:26:40
Hello,
What is the easiest way of fixing the recent vulnerability in ipf on a
NetBSD-1.5R system? Can I apply a patch to the kernel sources or do I
have to upgrade to current -current? My 1.5R seems to be stable, so I
would like to keep running it to avoid the potential problems of the
most recent kernels. (Do I have to update the userland ipf tools as
well?)
Also, is it a bug or a feature that ipf reports wrong line numbers in
/etc/ipf.conf if the config file has blank lines? If I put a "#" on
every "blank" line, ipf reports correct line numbers (ie. a blank line
is not the same thing as a line with a single "#" on it). My version of
ipf is
ipf: IP Filter: v3.4.9 (264)
Kernel: IP Filter: v3.4.9
Thanks,
-jm