9bb67d5c1e
Security: the NEWS claims a couple more CVEs are fixed than what we patched, though perhaps nothing critical. I personally don't find DNS fragmentation attacks that interesting anymore, as it's just about weaker improvements for cases that choose not to use DNSSEC. Largest expected caveat: upstream bumped the minimal supportable kernel to 3.2.0. That's the oldest kernel still supported upstream, released in Jan 2012, but most notably RHEL 6 and derivates still use a heavily patched 2.6.32 kernel and those systems are still supported and in use (production support is scheduled to last till the end of 2020!).
282 KiB
282 KiB