Waiting for BIND security announcement

Doug Barton dougb at FreeBSD.org
Wed Jul 25 00:47:27 UTC 2007

Simon L. Nielsen wrote:
> [freebsd-security@ CC'ed to avoid answering the same there again
> shorly :) - if following up, please drop either freebsd-questions or
> freebsd-securiy to avoid "spamming" both lists]
> On 2007.07.24 18:15:43 -0500, Jeffrey Goldberg wrote:
>> As I'm sure many people know there is a newly discovered BIND vulnerability 
>> allowing cache injection (pharming).  See

I think it's worth pointing out that cache injection and pharming are
not the same thing, although cache injection can be used as part of a
pharming attack.

I also think it's worth noting that this isn't an "all your queries
are belong to us" type of attack. The attack involves _predicting_
query id numbers which at _best_ will be successful only once in 16
tries. Then you have to actually time it right so that you can use
your guess.

Still, it is worth upgrading to avoid this issue.

>>   http://www.isc.org/index.pl?/sw/bind/bind-security.php
>> for details.
>> The version of bind on 6.2, 9.3.3,

RELENG_6 was updated shortly after the release of 9.3.4. I'll be
updating RELENG_[56] with the new 9.3.4-P1 version after I'm done
regression testing it, which should be some time tonight. Same for
updating HEAD with 9.4.1-P1.

The ports for bind9 and bind94 are already updated, so those with
urgent needs can use that route to upgrade immediately.

hope this helps,



    This .signature sanitized for your protection

More information about the freebsd-questions mailing list