Hi Karl, Yes - that is correct. You are right that no case IDs are mentioned, and I suspect that it is probably intentional on their (MikroTik) part for their usual unguessable reasons ;) The 6.45beta23 is the first released version that contains fixes for all reported IPv6 bug/vulnerability issues. The reason that the latter two (longterm/bugfix and stable channels) have the additional entry in changelog is because the beta version was still problematic for routers with limited RAM - thus stable and longterm have the added memory management solution to provide the workable patch for all router models. Hope it makes sense - even if it is only 'MikroTik sense' ;-) Cheers, Mike.
-----Original Message----- From: Public [mailto:public-bounces@talk.mikrotik.com.au] On Behalf Of Karl Auer Sent: Wednesday, 10 April 2019 1:05 PM To: MikroTik Australia Public List <public@talk.mikrotik.com.au> Subject: Re: [MT-AU Public] UKNOF 43 CVE
On Wed, 2019-04-10 at 11:32 +1000, Mike Everest wrote:
According to all official statements (and acknowledged by the reporting researcher) lastest builds on all release channels now address all (3) documented vulnerabilities.
So to be completely specific:
6.43.14 LTR (4 April) 6.44.2 Stable (4 April) 6.45beta23 (1 April)
All seem to have the same three changes (among others):
!) ipv6 - fixed soft lockup when forwarding IPv6 packets; !) ipv6 - fixed soft lockup when processing large IPv6 Neighbor table; *) ipv6 - adjust IPv6 route cache max size based on total RAM memory;
6.45beta23 (29 March)had only the first two.
Oddly, NONE of them actually mention vulnerability identifiers.
Regards, K.
-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~ Karl Auer (kauer@nullarbor.com.au) work +61 2 64957435 http://www.nullarbor.com.au mobile +61 428 957160
GPG fingerprint: 887A DA07 4DCC EE76 B413 27D4 C638 4189 6CF0 D556 Old fingerprint: 8454 EE43 6215 B6DD 1B4D 9D8D 984D 7BA1 7378 A38D
_______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com.au