On Fri, 04 Aug 2017, Adam McKenna wrote:
> Alright I guess I'll have to take this to debian-security then, this may
> even warrant a CVE
I completly disagree, but lets see what -security says.
Alex
Alright I guess I'll have to take this to debian-security then, this may
even warrant a CVE
On Fri, Aug 4, 2017 at 9:23 AM Alexander Wirt wrote:
> On Fri, 04 Aug 2017, Adam McKenna wrote:
>
> > That makes no sense, if that's the case then why is a default ruleset
> > provided for ipv4 but not ip
On Fri, 04 Aug 2017, Adam McKenna wrote:
> That makes no sense, if that's the case then why is a default ruleset
> provided for ipv4 but not ipv6?
>
> More and more systems are running ipv6 these days and ferm users may not
> even know their systems are exposed in this way.
Thats why I fixed it,
That makes no sense, if that's the case then why is a default ruleset
provided for ipv4 but not ipv6?
More and more systems are running ipv6 these days and ferm users may not
even know their systems are exposed in this way.
On Fri, Aug 4, 2017 at 9:16 AM Alexander Wirt wrote:
> fixed 701200 2.4
fixed 701200 2.4-1
thanks
On Fri, 04 Aug 2017, Adam McKenna wrote:
> tag 701200 security
>
> This is not just a bug, this is a gaping security hole. The default
> configuration is wide open on ipv6.
>
> Please add, at a minimum, the following default rules for ipv6:
This was fixed in unstable
tag 701200 security
This is not just a bug, this is a gaping security hole. The default
configuration is wide open on ipv6.
Please add, at a minimum, the following default rules for ipv6:
domain ip6 {
table filter {
chain INPUT {
policy DROP;
interface lo ACC
6 matches
Mail list logo
