[arch-general] CVE-2019-11477 (/proc/sys/net/ipv4/tcp_sack)
David C. Rankin
drankinatty at suddenlinkmail.com
Sat Jun 22 06:31:08 UTC 2019
On 06/21/2019 01:44 AM, Levente Polyak via arch-general wrote:
> I guess you mean 5.1.12 as long as you are not a visitor from the future.
> 5.1.11 was the upstream fix version for the SACK issues, you can use our
> Arch Linux specific security tracker to get this information:
> which lists all affected and fixed variants/versions.
> there have been advisories published on the tracker and via our sec
> announcements ML.
> So as long as you are running latest kernels, no other mitigation is needed.
Thank you Levente
Not from the future, just a notorious bass-ackwards typist. Perhaps a dumb
question, but where would I find (other than the security.archlinux.org page
the cross-reference that tells me CVE-XXX is in group, e.g. AVG-986?
David C. Rankin, J.D.,P.E.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 473 bytes
Desc: OpenPGP digital signature
More information about the arch-general