cvs commit: ports/dns/bind9 Makefile distinfo
Doug Barton
dougb at FreeBSD.org
Fri Jan 28 12:47:45 PST 2005
dougb 2005-01-28 20:47:44 UTC
FreeBSD ports repository
Modified files:
dns/bind9 Makefile distinfo
Log:
Include a patch from ISC to deal with the following vulnerability:
Name: BIND: Self Check Failing [Added 2005.25.01]
Versions affected: BIND 9.3.0
Severity: LOW
Exploitable: Remotely
Type: Denial of Service
Description:
An incorrect assumption in the validator (authvalidated) can result in a
REQUIRE (internal consistancy) test failing and named exiting.
Workarounds:
Turn off dnssec validation (off by default) at the options/view level.
dnssec-enable no;
Active Exploits: None known
Bump PORTREVISION accordingly.
It should be noted that the vast majority of users would not have
DNSSEC enabled, and therefore are not vulnerable to this bug.
Revision Changes Path
1.61 +9 -1 ports/dns/bind9/Makefile
1.34 +4 -0 ports/dns/bind9/distinfo
More information about the cvs-ports
mailing list