Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 24 Jul 2007 18:15:43 -0500
From:      Jeffrey Goldberg <>
To:        FreeBSD Questions <>
Subject:   Waiting for BIND security announcement
Message-ID:  <>

Next in thread | Raw E-Mail | Index | Archive | Help

Content-Transfer-Encoding: 7bit
Content-Type: text/plain;

[I'm cc'ing this to, but they are probably  
already aware of things.  I don't require a response from them, but  
if they do, a posting to the questions are announcement lists would  
be great.  I don't need a personal response.]

As I'm sure many people know there is a newly discovered BIND  
vulnerability allowing cache injection (pharming).  See

for details.

The version of bind on 6.2, 9.3.3, looks like it is vulnerable (along  
with many other versions).  It's not particularly an issue for me  
since my name servers aren't publicly queryable, but I am curios  
about how things like security problems in
src/contrib get handled in FreeBSD.



Jeffrey Goldberg              


Want to link to this message? Use this URL: <>