Date: Sat, 29 Jun 2002 15:35:02 -0600 From: Brett Glass <brett@lariat.org> To: Doug Barton <DougB@FreeBSD.org> Cc: Mark.Andrews@isc.org, security@FreeBSD.org Subject: Re: libc flaw: BIND 9 closes most holes but also opens one Message-ID: <4.3.2.7.2.20020629153253.02e88ef0@localhost> In-Reply-To: <3D1E264A.5463BA96@FreeBSD.org> References: <Your message of "Fri, 28 Jun 2002 16:59:25 CST." <200206282259.QAA03790@lariat.org> <4.3.2.7.2.20020629123101.02ed2df0@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
At 03:27 PM 6/29/2002, Doug Barton wrote: > The libbind bug is fixed in both 8.2.6, and 8.3.3. Please be more >careful to read what is posted before responding. I know that there were earlier fixes to prevent buffer overrruns. My impression, based on ISC's statements, is that more were required after that time. Have you done a diff between 8.2.6 and 8.3.3? >That said, if you are >going to run a BIND 8 server, I think you're a lot better off with >8.3.3. I want to run a BIND 9 server, because it will protect vulnerable machines and apps behind it. But it looks as if I'll need to get libbind out of 8.3.3, too, unless there's a new release of BIND 9 that includes it. --Brett To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4.3.2.7.2.20020629153253.02e88ef0>