Date: Mon, 11 Jul 2011 18:40:43 -0700 From: Doug Barton <dougb@FreeBSD.org> To: josh.carroll@gmail.com Cc: freebsd-security@freebsd.org, Glen Barber <glen.j.barber@gmail.com>, Michael Scheidell <michael.scheidell@secnap.com> Subject: Re: new bind security bug? Re: [FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-11:02.bind Message-ID: <4E1BA61B.9090302@FreeBSD.org> In-Reply-To: <CAN28_4B_iofpfY%2B1YgeqgbypaBo48R73PKPZVqpHkQV2VHjx8g@mail.gmail.com> References: <201105280928.p4S9SxXg051018@freefall.freebsd.org> <4DF79534.6060507@acsalaska.net> <4E1652AF.8000000@secnap.com> <4E165A67.6020609@gmail.com> <CAN28_4B_iofpfY%2B1YgeqgbypaBo48R73PKPZVqpHkQV2VHjx8g@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 07/07/2011 19:00, Josh Carroll wrote: > On Jul 7, 2011 6:40 PM, "Glen Barber" <glen.j.barber@gmail.com> wrote: >> >> On 7/7/11 8:43 PM, Michael Scheidell wrote: >>> < > http://threatpost.com/en_us/blogs/new-bind-release-fixes-high-severity-remote-bugs-070611 >> >>> >>> >>> The high-severity vulnerability in many versions of the BIND software >>> has the effect of causing the BIND server to exit when it receives a >>> specially formatted packet. The ISC said that although it isn't aware of >>> any public exploits for the bug, it still recommends that organizations >>> upgrade to one of the newer versions of BIND, which include >>> 9.6-ESV-R4-P3, 9.7.3-P3 or 9.8.0-P4. >>> >> >> See: >> >> http://svnweb.freebsd.org/base?view=revision&revision=223815 >> > > Are there plans to update 8.2-RELEASE as well? By definition, no. A -RELEASE branch is carved in stone the moment it's cut. If you're referring to whether or not there will be an 8.2-p* branch for this change, that's up to the security officer. Meanwhile my default response is still/always to upgrade to latest ports version. Doug -- Nothin' ever doesn't change, but nothin' changes much. -- OK Go Breadth of IT experience, and depth of knowledge in the DNS. Yours for the right price. :) http://SupersetSolutions.com/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4E1BA61B.9090302>