Apropos the recent discussions about IPv6: -------- Original Message -------- Subject: IPv6 Type 0 Route Header Design Flaw Date: Mon, 23 Apr 2007 20:09:19 +0200 From: Marc Balmer Organization: The OpenBSD Project To: security-announce(a)openbsd.org IPv6 type 0 route headers can be used to mount a DoS attack against hosts and networks. This is a design flaw in IPv6 and not a bug in OpenBSD. This problem has been fixed in the OpenBSD CVS repository in the -current and -stable branches. The -current snapshots of OpenBSD contain these fixes as well. It is recommended that users of OpenBSD update their kernel asap using cvs or manually apply the source code patches listed below. A source code patch for OpenBSD 4.0-stable can be downloaded from ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.0/common/012_route6.patch. A source code patch for OpenBSD 3.9-stable can be downloaded from ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.9/common/022_route6.patch. -- Juha Saarinen * Quidquid latine dictum sit, altum videtur * www.geekzone.co.nz/juha