FreeBSD Security Advisory FreeBSD-SA-15:11.bind

Mark Felder feld at FreeBSD.org
Wed Jul 8 16:29:44 UTC 2015

Previous message (by thread): FreeBSD Security Advisory FreeBSD-SA-15:11.bind
Next message (by thread): FreeBSD Security Advisory FreeBSD-SA-15:11.bind
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Jul 7, 2015, at 18:25, FreeBSD Security Advisories wrote:
> 
> IV.  Workaround
> 
> No workaround is available, but hosts not running named(8) are not
> vulnerable.
> 

Why is no workaround available? Can't you just disable DNSSEC
validation?

dnssec-enable no;
dnssec-validation no;

In fact, don't they have to be explicitly enabled anyway?

Previous message (by thread): FreeBSD Security Advisory FreeBSD-SA-15:11.bind
Next message (by thread): FreeBSD Security Advisory FreeBSD-SA-15:11.bind
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the freebsd-security mailing list