Re: [libvirt PATCH 00/17] Bump minimum dnsmasq version

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 12/14/21 21:06, Laine Stump wrote:
> On 12/14/21 2:09 PM, Ján Tomko wrote:
>> This bumps the minimum dnsmasq version to the point where we do not need
>> capability probing, reducing it to a version check (which I will be
>> happy to remove on request).
>>
>> Unless I missed something, this also means we no longer need to spawn
>> radvd manually.
> 
> The code doesn't lie! If removing the bits that were only true for older
> dnsmasq removed the lines that ran radvd, then it's true. (I recall that
> support for RA was added to dnsmasq fairly soon after the original ipv6
> support was added, and radvd was left in libvirt only because there were
> so many downstreams that still had an older dnsmasq).
> 
>>
>> Note that DNSMASQ_CAPS_BINDTODEVICE was the indication of a downstream
>> mitigation of a CVE that should no longer be needed if we have
>> --bind-dynamic
>>
>> [...]
> 
>>   17 files changed, 83 insertions(+), 569 deletions(-)
> 
> Nice!!!
> 
> After the minor fixes I noted in 03/17 and 08/17
> 
> Reviewed-by: Laine Stump <laine@xxxxxxxxxx>
> 
> /me ponders what I should idly suggest be removed next...

Parallels driver (src/vz/)? ;-)

Michal




[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]

  Powered by Linux