On 11/28/2012 06:18 AM, Peter Krempa wrote:
On 11/27/12 22:38, Laine Stump wrote:
I forgot that I was going to add in the following at the suggestion of David Woodhouse (the original reporter of the CVE) in this comment of the BZ:
https://bugzilla.redhat.com/show_bug.cgi?id=874702#c14
It adds checking for the deprecated ("but still really useful") FEC0::/10 range of IPv6 addresses.
I plan to squash the virsocketaddr.c change into 2/3, and the bridge_driver.c change into 3/3 before pushing.
...
routable subnet " "(see CVE-2012-3411). You must either upgrade dnsmasq, " "or use a private/local subnet range for this network " - "(as described in RFC1918/RFC4193)."), ipaddr, + "(as described in RFC1918/RFC3484/RFC4193)."), ipaddr,
Your mail client broke long lines into shorter ones but "patch" doesn't like that. Could you please repost either this diff using git send-email or the complete patch you're going to squash this in?
I'd originally intended to post the interdiffs from git, but made a mistake with git reset and ended up with the changes squashed in before I was able to send the separate patches - all I had left was the output of diff in a terminal window. Since it was such a minor change (the change in bridge_driver.c only modifies log message and comment text, and the change in virsocketaddr.c adds one more clause to an expression), I figured it could just be visually examined. Since I no longer have the interdiffs, I'll just repost the entire series.