From mboxrd@z Thu Jan 1 00:00:00 1970 From: Arne Fitzenreiter To: development@lists.ipfire.org Subject: Re: Including patch for CVE-2020-25705 into upcoming Core Update 153? Date: Wed, 18 Nov 2020 19:34:16 +0100 Message-ID: In-Reply-To: <595BD7A1-C914-4D2F-9784-33BBFDE6C859@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============2845132694922650976==" List-Id: --===============2845132694922650976== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable It is already in kernel since 4.14.203 File to patch: Skip this patch? [y] Skipping patch. 1 out of 1 hunk ignored patching file net/ipv4/icmp.c Reversed (or previously applied) patch detected! Skipping patch. 2 out of 2 hunks ignored -- saving rejects to file=20 net/ipv4/icmp.c.rej make: *** [linux:137: /usr/src/log/linux-4.14.206-ipfire] Error 1 Am 2020-11-17 12:05, schrieb Michael Tremer: > Hello, >=20 > Yes, we should add this patch to the currently open next branch. >=20 > Who will send a patch? >=20 > Best, > -Michael >=20 >> On 16 Nov 2020, at 16:10, Peter M=C3=BCller =20 >> wrote: >>=20 >> Hello *, >>=20 >> since Core Update 153 is already scheduled to come with a new kernel,=20 >> including this >> patch against CVE-2020-25705 (dubbed "SADDNS" at the time of writing)=20 >> into it makes >> sense IMHO: >>=20 >> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/= ?id=3Db38e7819cae946e2edf869e604af1e65a5d241c5 >>=20 >> Further reading is available at, for example, ZDNet: >> https://www.zdnet.com/article/dns-cache-poisoning-poised-for-a-comeback-sa= d-dns/ >>=20 >> Thanks, and best regards, >> Peter M=C3=BCller --===============2845132694922650976==--