Hi,

Recently a serious bug was found in the ipfilter fragment cache code.
FreeBSD etc. have issued an advisory and a patch a long time ago,
but I haven't seen anything related to NetBSD. No advisory, no patch,
no comments whatsoever.

I would like to ask, if someone could confirm this:

 - is NetBSD not vulnerable for some reason?

 - are there plans to issue advisories or patches?

 - are there plans to upgrade NetBSD-current to non-vulnerable
   version of ipfilter (which is developed independetly of NetBSD)?

This might cause some headaches to anyone who is using NetBSD as an IP
filtering firewall solution.

-- 
Janne Snabb
snabb@ssh.com