Date: Thu, 01 Feb 2007 13:12:58 -0800 From: Colin Percival <cperciva@freebsd.org> To: Chuck Swiger <cswiger@mac.com> Cc: freebsd-security@freebsd.org, Chris Marlatt <cmarlatt@rxsec.com> Subject: Re: What about BIND 9.3.4 in FreeBSD in base system ? Message-ID: <45C257DA.7010205@freebsd.org> In-Reply-To: <45C24D57.3000704@mac.com> References: <001601c74428$ff9d54b0$ab76ed54@odipw> <45BEE27D.1050804@FreeBSD.org> <45BFA1B3.9040000@rxsec.com> <45C23DAA.9040108@FreeBSD.org> <45C24D57.3000704@mac.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Chuck Swiger wrote: > I've been bitten by CVE-2006-4096, and have applied the workaround to > limit the # of outstanding queries. I've got two nameservers tracking > 5-STABLE which were vulnerable to CVE-2006-4095 You realize that these two issues were addressed in FreeBSD-SA-06:20.bind on September 6th, right? Colin Percival
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?45C257DA.7010205>