Subject: Re: ALERT: Security hole introduced by patch being backed out on releng-1-5 branch.
To: None <tech-security@netbsd.org>
From: John Hawkinson <jhawk@netbsd.org>
List: tech-security
Date: 10/26/2001 10:46:11
Darren Reed <darrenr@reed.wattle.id.au> wrote on Fri, 26 Oct 2001
at 00:06:42 +1000 in <200110251406.AAA07224@avalon.reed.wattle.id.au>:

> It appears someone decided to remove the code which invokes pfil_hooks
> on forwarded IPv6 packets for the NetBSD 1.5 branch, leading to it not
> being possible to filter them.  Thanks releng-1-5, you're my heroes.

Release Engineering <releng-1-5@netbsd.org> has responded to Darren
on this issue, under seperate cover. Feel free to direct queries to
us regarding our actions.


In general, all code that is committed to a release branch (such as the
netbsd-1-5 branch) is reviewed by Release Engineering, and we will revert
commits that are not subject to that review process.

--jhawk
  (who is personally pretty far behind on tech-security, but read through
   the past few messages for context).