Even better.

Thank you for checking, Arne.

-Michael

> On 18 Nov 2020, at 18:34, Arne Fitzenreiter <arne_f(a)ipfire.org> wrote:
> 
> It is already in kernel since 4.14.203
> 
>    File to patch:
>    Skip this patch? [y]
>    Skipping patch.
>    1 out of 1 hunk ignored
>    patching file net/ipv4/icmp.c
>    Reversed (or previously applied) patch detected!  Skipping patch.
>    2 out of 2 hunks ignored -- saving rejects to file net/ipv4/icmp.c.rej
>    make: *** [linux:137: /usr/src/log/linux-4.14.206-ipfire] Error 1
> 
> 
> 
> 
> Am 2020-11-17 12:05, schrieb Michael Tremer:
>> Hello,
>> Yes, we should add this patch to the currently open next branch.
>> Who will send a patch?
>> Best,
>> -Michael
>>> On 16 Nov 2020, at 16:10, Peter Müller <peter.mueller(a)ipfire.org> wrote:
>>> Hello *,
>>> since Core Update 153 is already scheduled to come with a new kernel, including this
>>> patch against CVE-2020-25705 (dubbed "SADDNS" at the time of writing) into it makes
>>> sense IMHO:
>>> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b38e7819cae946e2edf869e604af1e65a5d241c5
>>> Further reading is available at, for example, ZDNet:
>>> https://www.zdnet.com/article/dns-cache-poisoning-poised-for-a-comeback-sad-dns/
>>> Thanks, and best regards,
>>> Peter Müller