forcemerge 502275 502294 thanks On Wed, Oct 15, 2008 at 10:57:55AM +0000, Helmut Grohne wrote: > > > It is fixed in 1.2.7-par according to > > > http://secunia.com/advisories/31847/. > > This is again NOT an option. > > I fully support this point. Nevertheless the issue must be fixed. > Fortunately this is easy: The default value of query_port_start=0 which > effectively lets the kernel choose source ports (sequentially). Shipping > a new config file with query_port_start=1024 solves the issue (verified > on sid/amd64 and etch/i386).
which is what I did like 3 hours ago. I've not dealt with etch at all though, neither for that, nor for the other CVE, I assumed that the security team is on it. If not, I'll do that but later, I'm on a schedule right now. -- ·O· Pierre Habouzit ··O [EMAIL PROTECTED] OOO http://www.madism.org
pgpZnJnxjKvsr.pgp
Description: PGP signature
