CVE-2016-5696 [duplicate]

asked 2016-08-20 12:08:14 +0300

this post is marked as community wiki

This post is a wiki. Anyone with karma >75 is welcome to improve it.

updated 2016-08-20 12:08:14 +0300

nightmare gravatar image

http://www.heise.de/newsticker/meldung/HTTP-Verbindungen-von-einer-Milliarde-Android-Geraeten-angreifbar-3300328.html

according to that news-link above and that little test with sysctl net.ipv4.tcp_challenge_ack_limit the JollaC with 2.0.2.48 returns 100 and could be affected.

[root@Sailfish nemo]# sysctl net.ipv4.tcp_challenge_ack_limit

net.ipv4.tcp_challenge_ack_limit = 100

edit retag flag offensive reopen delete

The question has been closed for the following reason "duplicate question" by lpr
close date 2018-05-04 00:24:18.432802

Comments

was a duplicate and is released in v2.0.5: https://together.jolla.com/question/150237/release-notes-205-haapajoki/

cemoi71 ( 2018-05-03 13:24:13 +0300 )edit
1

fix has only been released for JollaC and Tablet so far, Jolla1 still affected!

lpr ( 2018-05-04 00:23:55 +0300 )edit

@lpr oh shit!!! i see i was too fast sorry and thank for have double checked this.

cemoi71 ( 2018-05-04 11:44:14 +0300 )edit