On 06/21/2019 01:44 AM, Levente Polyak via arch-general wrote:
I guess you mean 5.1.12 as long as you are not a visitor from the future.
5.1.11 was the upstream fix version for the SACK issues, you can use our Arch Linux specific security tracker to get this information:
https://security.archlinux.org/CVE-2019-11477 https://security.archlinux.org/CVE-2019-11478 https://security.archlinux.org/CVE-2019-11479
which lists all affected and fixed variants/versions.
there have been advisories published on the tracker and via our sec announcements ML.
So as long as you are running latest kernels, no other mitigation is needed.
cheers, Levente
Thank you Levente Not from the future, just a notorious bass-ackwards typist. Perhaps a dumb question, but where would I find (other than the security.archlinux.org page the cross-reference that tells me CVE-XXX is in group, e.g. AVG-986? -- David C. Rankin, J.D.,P.E.