> wether the bug has really been fixed. Later, some reader told them > that this was related to the suggested workaround (scrub vs. block), > and today that statement has been removed. Without any comment.
The problem with scrub is that Core thought it was a sufficient workaround. Itojun looked at the pf inet6 code, and seeing how poorly pf scrub handles inet6, thought that was unlikely to actually work against the problem. against their particular exploit packets, but perhaps not against other cases. We told Core that we did not feel scrub was enough. And then some idiot in the press tries to swing that into an accusation against us? Yes, the guy has a slant. But Core was massively unclear about this in their advisory.
