new bind security bug?
Mark Andrews
marka at isc.org
Fri Jul 8 02:20:39 UTC 2011
Firstly,
it is bad form to hijack a old thread and reply to it for a
new topic. How hard is it to type "freebsd-security at freebsd.org"
into a To: field and start a new topic? Additionally it may not
be seen by anyone that had marked the old thread to be killed.
In message <4E1652AF.8000000 at secnap.com>, Michael Scheidell writes:
> is this a new one?
Yes, these are new. From the referenced advisary notices.
Version 2.0 - 5 July 2011: Public Disclosure
The freebsd security team are aware of this.
> <http://threatpost.com/en_us/blogs/new-bind-release-fixes-high-severity-remot
> e-bugs-070611>
>
> The high-severity vulnerability in many versions of the BIND software
> has the effect of causing the BIND server to exit when it receives a
> specially formatted packet. The ISC said that although it isn't aware of
> any public exploits for the bug, it still recommends that organizations
> upgrade to one of the newer versions of BIND, which include
> 9.6-ESV-R4-P3, 9.7.3-P3 or 9.8.0-P4.
>
>
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the freebsd-security
mailing list