[kernel] r5299 - patch-tracking
Dann Frazier
dannf at costa.debian.org
Fri Jan 6 04:09:46 UTC 2006
Author: dannf
Date: Fri Jan 6 04:09:46 2006
New Revision: 5299
Modified:
patch-tracking/CVE-2002-0704
Log:
note that this one doesn't really have a fix; just a workaround
Modified: patch-tracking/CVE-2002-0704
==============================================================================
--- patch-tracking/CVE-2002-0704 (original)
+++ patch-tracking/CVE-2002-0704 Fri Jan 6 04:09:46 2006
@@ -10,6 +10,12 @@
The Network Address Translation (NAT) capability for Netfilter ("iptables")
1.2.6a and earlier leaks translated IP addresses in ICMP error messages.
Notes:
+ There's a patch here:
+ http://www.securityfocus.com/bid/4699
+ But it doesn't appear to have gone upstream. It doesn't look like RedHat
+ or Mandrake fixed it either; instead, they suggest a workaround:
+ http://rhn.redhat.com/errata/RHSA-2002-086.html
+ http://archives.mandrivalinux.com/security-announce/2002-02/msg00025.html
Bugs:
upstream:
linux-2.6:
More information about the Kernel-svn-changes
mailing list