This is merely a historical archive of years 2008-2021, before the migration to mailman3.
A maintained and still updated list archive can be found at https://lists.osmocom.org/hyperkitty/list/osmocom-commitlog@lists.osmocom.org/.
gitosis at osmocom.org gitosis at osmocom.orgThis is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "OpenBTS' transceiver retro-fit". The branch, ttsou/fixes has been created at 520d21c825c4f856b4faec6ddaa1b653d113fd05 (commit) - Log ----------------------------------------------------------------- http://cgit.osmocom.org/osmo-trx/commit/?id=520d21c825c4f856b4faec6ddaa1b653d113fd05 commit 520d21c825c4f856b4faec6ddaa1b653d113fd05 Author: Tom Tsou <tom.tsou at ettus.com> Date: Thu Apr 28 21:24:53 2016 -0700 common: Restrict UDP binding to localhost only Reported security vulnerability where control and data UDP packets can be injected into the transceiver externally due to socket binding to all interfaces using INADDR_ANY. Existing socket interface does not allow specifying local address; only the local port and remote address/port are arguments. Restrict socket bind to localhost with INADDR_LOOPBACK. If external interfaces do need to be used, the API should be modified to allow specifying the local socket address. Reported-by: Simone Margaritelli <simone at zimperium.com> Signed-off-by: Tom Tsou <tom.tsou at ettus.com> ----------------------------------------------------------------------- hooks/post-receive -- OpenBTS' transceiver retro-fit