On Mon, Aug 25, 2014 at 01:27:43AM +0100, Steven Chamberlain wrote: > On 06/08/14 22:18, Moritz Mühlenhoff wrote: > > On Wed, Jul 09, 2014 at 01:26:22AM +0100, Steven Chamberlain wrote: > >> So I'm obviously asking here - could we just drop SCTP from the default > >> kernel config? In jessie/sid? Even in wheezy-security? > > > > We can certainly do this for wheezy-security if the kfreebsd maintainers > > think it's the best course of action. > > Okay then, thanks. I propose we drop SCTP support from wheezy kernels, > via wheezy-security, to address CVE-2014-3953 and other concerns.
Ok, please note that kfreebsd-9 also needs http://www.freebsd.org/security/advisories/FreeBSD-SA-14:17.kmem.asc > In kfreebsd-10 however, there's been a lot of work on SCTP recently, > suggesting there's some renewed interest in the protocol. I'm inclined > to keep it in the 10.1 kernel config for now. Ok. Cheers, Moritz -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
