On 06/21/2019 01:44 AM, Levente Polyak via arch-general wrote:
> I guess you mean 5.1.12 as long as you are not a visitor from the future.
>
> 5.1.11 was the upstream fix version for the SACK issues, you can use our
> Arch Linux specific security tracker to get this information:
>
>
> https://security.archlinux.org/CVE-2019-11477
> https://security.archlinux.org/CVE-2019-11478
> https://security.archlinux.org/CVE-2019-11479
>
> which lists all affected and fixed variants/versions.
>
> there have been advisories published on the tracker and via our sec
> announcements ML.
>
>
> So as long as you are running latest kernels, no other mitigation is needed.
>
> cheers,
> Levente
Thank you Levente
Not from the future, just a notorious bass-ackwards typist. Perhaps a dumb
question, but where would I find (other than the security.archlinux.org page
the cross-reference that tells me CVE-XXX is in group, e.g. AVG-986?
--
David C. Rankin, J.D.,P.E.
signature.asc
Description: OpenPGP digital signature