[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: twitter-bootstrap / CVE-2018-14040 / CVE-2018-14041 / CVE-2018-14042

Paul Wise <pabs@debian.org> writes:

> Next time try connecting to port 80/443 on the IP address without
> sending any data. That would eliminate a HTTP-layer issue.

Did this, at least for port 80. It timed out too. It couldn't establish
a TCP connection.

> Or temporary overload. If it happens again, the curl output of the IP
> address will tell you which StackPath datacenter you connected to and
> it does not go to the security-tracker hostname so it should return
> results immediately and might be blacklist independent.

Maybe not much point now, the results may have changed (and I have
forgotten what I got yesterday). However, currently getting (from both

security-tracker.debian.org is an alias for security-tracker.debian.netdna-cdn.com.
security-tracker.debian.netdna-cdn.com has address
Brian May <bam@debian.org>

Reply to: