From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([69.77.167.62] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1LRqox-0001Xa-Vw for garchives@archives.gentoo.org; Tue, 27 Jan 2009 16:29:52 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 05096E04BC; Tue, 27 Jan 2009 16:29:51 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) by pigeon.gentoo.org (Postfix) with ESMTP id D87AFE04BC for ; Tue, 27 Jan 2009 16:29:50 +0000 (UTC) Received: from localhost (0x3ef266d2.svgnxx4.dynamic.dsl.tele.dk [62.242.102.210]) (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTP id A1FDE64639; Tue, 27 Jan 2009 16:29:49 +0000 (UTC) Date: Tue, 27 Jan 2009 17:26:17 +0100 From: Peter Alfredsen To: gentoo-dev@lists.gentoo.org Cc: vapier@gentoo.org Subject: Re: [gentoo-dev] Message-ID: <20090127172617.75b24570@gentoo.org> In-Reply-To: <20090127154750.GA32544@eric.schwarzvogel.de> References: <20090127154750.GA32544@eric.schwarzvogel.de> X-Mailer: Claws Mail 3.7.0 (GTK+ 2.14.7; x86_64-pc-linux-gnu) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Archives-Salt: 733e755e-9c89-40ac-8601-f9951d20c9e0 X-Archives-Hash: bfe127a5d6b4c3af45d83dd93332d99b [Mike: This looks like your field of expertise] On Tue, 27 Jan 2009 16:47:50 +0100 Tobias Klausmann wrote: > Hi, > > glibc 2.9 uses a different way to implement getaddrinfo() which > triggers a race condition in most (if not all) Netfilter > firewalls that use connection tracking. glibc does nothing wrong > per se, it just triggers the condition. (technical details here: > http://marc.info/?l=linux-netdev&m=123304473331445) [...] > I don't have any experience with glibc upstream but pestering > them about this out of the blue might only cause a flame war > between kernel and glibc folks. Thus, I'm asking you, my fellow > devs (and the glibc and kernel teams specifically), what you > think is the best idea/course of action. The connection with IPv6 leads me to believe that this is http://bugs.gentoo.org/250468 http://sourceware.org/bugzilla/show_bug.cgi?id=7060 Mike has added a patch to Gentoo's patchset but hasn't bumped the revision yet. It does look spectacularly hacky, though :-) Anyway, if this is your problem, it looks like upstream is already working on it and that we just need to *prod* Mike a bit to get a fix into the tarball. /PA