[PATCH 19.07] kernel: Update kernel 4.14 to version 4.14.206
Koen Vandeputte
koen.vandeputte at citymesh.com
Fri Nov 13 09:16:19 EST 2020
On 13.11.20 13:35, Adrian Schmutzler wrote:
>> -----Original Message-----
>> From: openwrt-devel [mailto:openwrt-devel-bounces at lists.openwrt.org]
>> On Behalf Of Josef Schlehofer
>> Sent: Freitag, 13. November 2020 09:33
>> To: openwrt-devel at lists.openwrt.org
>> Cc: Hauke Mehrtens <hauke at hauke-m.de>
>> Subject: [PATCH 19.07] kernel: Update kernel 4.14 to version 4.14.206
>>
>> From: Hauke Mehrtens <hauke at hauke-m.de>
>>
>> This is a security update as currently in OpenWrt 19.07, there is version
>> 4.14.202 it means that it is vulnerable against vulnerability known as Sad DNS
>> (DNS cache poisoning). Since kernel 4.14.203, there is present mitigation to
>> this attack by randomizing ICMP global rate limit.
>>
>> More details can be found here: https://www.saddns.net/
>>
>> Compile and runtime tested on x86/64.
>> Also compile and run tested on all Turris devices (Turris 1.x - powerpc 8540,
>> Turris Omnia - mvebu/cortex-a9_vfpv3-d16, Turris MOX -
>> mvebu/aarch64_cortex-a53)
>>
>> Signed-off-by: Hauke Mehrtens <hauke at hauke-m.de> (cherry picked from
>> commit 9cdc02be88d5c25791664b1baaf9a7c1a4382c95)
>> Signed-off-by: Josef Schlehofer <pepe.schlehofer at gmail.com> [added
>> commit message about run testing on Turris devices, added mention about
>> Sad DNS]
>
> Did you just pick the patch or properly refresh patches again?
>
> Best
>
> Adrian
fwiw,
I took my .205 patch and bumped it again with .206
It's already in my staging tree and compile tests already executed.
Regards,
Koen
More information about the openwrt-devel
mailing list