What about BIND 9.3.4 in FreeBSD in base system ?
Doug Barton
dougb at FreeBSD.org
Tue Jan 30 06:42:09 UTC 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
The bind9 port was updated the same day that the code and security
advisory were released, so users who are actually vulnerable to these
issues can update immediately. I imported 9.3.4 into HEAD today, and
plan to MFC it after 4 or 5 days. I am actually considering only
MFC'ing it to RELENG_6 to help provide some incentive for those on 5.x
to upgrade.
Of the 3 advisories, 2 are only problems for those that run with
DNSSEC validation. The other is only a problem for those that allow
untrusted users access to named configured as a recursive resolver,
and is a DoS vulnerability, not a remote exploit.
As always, if secteam@ asks me to accelerate the MFC schedule I will,
but they haven't said anything to me yet.
hth,
Doug
- --
This .signature sanitized for your protection
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.1 (FreeBSD)
iD8DBQFFvuJ8yIakK9Wy8PsRAkcRAKD4+mN+gUHZzr1QLmIVmcbP7z4UgQCdFqiZ
WUZWQ1WKITsF5ISHV6EXVaA=
=4T7Y
-----END PGP SIGNATURE-----
More information about the freebsd-security
mailing list