From owner-freebsd-stable@FreeBSD.ORG Thu Jul 26 15:19:40 2007 Return-Path: Delivered-To: stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 4AA0216A41F for ; Thu, 26 Jul 2007 15:19:40 +0000 (UTC) (envelope-from qpadla@gmail.com) Received: from ug-out-1314.google.com (ug-out-1314.google.com [66.249.92.171]) by mx1.freebsd.org (Postfix) with ESMTP id CD4DE13C442 for ; Thu, 26 Jul 2007 15:19:39 +0000 (UTC) (envelope-from qpadla@gmail.com) Received: by ug-out-1314.google.com with SMTP id o4so609205uge for ; Thu, 26 Jul 2007 08:19:38 -0700 (PDT) DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:from:to:subject:date:user-agent:cc:references:in-reply-to:mime-version:content-type:content-transfer-encoding:message-id; b=uDB0c9UXZHHZPqny/WS3dzzBYwWDh0DjG+130DPCKPmu01ekTpFtl1qkBfdh3Ia3CFy2602a6Kqq0RJMR5wmhZicYay0CfH9R5chuGkSdVcis6PUrl9SLzHvUnMtLL7tJGQjco8CRhC23riH4cozWhb9+fb3UE9yd0zHku0z3os= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:from:to:subject:date:user-agent:cc:references:in-reply-to:mime-version:content-type:content-transfer-encoding:message-id; b=K/nwTXTOMRiFZ8mp4syBxHMBDBjHVtdMD50KQYE3lJleOWnrKU2EKfFk71kNxD612Q3b4lSl9zyS6C7qaD3BQc4gJRJD2ycCmFHhKHE3qGyAO3awVwHsLLiqJf2KxJhQN611ukvPEOTbR0aEEzhDHIX9hyzKAh0lhgh0S+bygiY= Received: by 10.82.158.12 with SMTP id g12mr1510593bue.1185461709538; Thu, 26 Jul 2007 07:55:09 -0700 (PDT) Received: from 77-109-33-59.dynamic.peoplenet.ua ( [77.109.33.59]) by mx.google.com with ESMTPS id d2sm2336356nfc.2007.07.26.07.55.05 (version=TLSv1/SSLv3 cipher=OTHER); Thu, 26 Jul 2007 07:55:08 -0700 (PDT) From: Nikolay Pavlov To: freebsd-stable@freebsd.org, Stephen.Clark@seclark.us Date: Thu, 26 Jul 2007 17:54:54 +0300 User-Agent: KMail/1.9.7 References: <01e101c7cecb$380e6960$b6db87d4@multiplay.co.uk> <46A78AB3.9090805@FreeBSD.org> <46A88AB4.1010808@seclark.us> In-Reply-To: <46A88AB4.1010808@seclark.us> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart3893482.PHZlgSr9CP"; protocol="application/pgp-signature"; micalg=pgp-sha1 Content-Transfer-Encoding: 7bit Message-Id: <200707261755.02806.qpadla@gmail.com> Cc: stable@freebsd.org, Doug Barton , Steven Hartland Subject: Re: bind exploit, patch expected? X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 26 Jul 2007 15:19:40 -0000 --nextPart3893482.PHZlgSr9CP Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Thursday 26 July 2007 14:51:16 Stephen Clark wrote: > Doug Barton wrote: > >Steven Hartland wrote: > >>I assume the security team are already working on this but > >>cant hurt to ask: > > > >Before you ask questions on a public list it's generally considered > >polite to do a little checking yourself, especially in an open source > >project. As Mike pointed out, the secteam had already addressed this > >issue on -security, and I had already followed up in detail regarding > >the upgrade plans. > > > >In addition, at the time you posted the updates had all been done in > >the ports, HEAD (-current), and RELENG_[56] (5 and 6-stable). > > > >In any case, it's good that you're on top of your security > >announcements, and I'm glad to say that this time anyway we're one > >step ahead. :) > > > >Doug > > Interesting - I just checked the FreeBSD.org security page and don't see > any indication of > a patch to fix the vulnerability for 6.1. > > Steve This is because RELENG_[56] is not a 6.1 RTFM http://www.freebsd.org/doc/en_US.ISO8859-1/articles/releng/release-proc.html =2D-=20 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D =2D Best regards, Nikolay Pavlov. <<<----------------------------- =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D --nextPart3893482.PHZlgSr9CP Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQBGqLXG/2R6KvEYGaIRAsflAJ94qAo3DxngANT4/M9Gfy1TwZcymwCeP0nS uhWZKD1MnuDSByexg6N0/PM= =RSRl -----END PGP SIGNATURE----- --nextPart3893482.PHZlgSr9CP--