Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 8 Feb 2001 12:52:19 -0500 (EST)
From:      Igor Roshchin <str@giganda.komkon.org>
To:        security-officer@freebsd.org, security@freebsd.org
Subject:   Re: FreeBSD Security Advisory: FreeBSD-SA-01:10.bind [REVISED]
Message-ID:  <200102081752.MAA50931@giganda.komkon.org>
next in thread | raw e-mail | index | archive | help 

I already made this comment when the earlier advisory
on bind was issued:
Reference to 4.x is not completely correct (or at least,
confusing) , since 4.0-RELEASE had
earlier, vulnerable version of bind.

Kris, you probably forgot about your intention to correct that part
of the advisory.

Best,

Igor


> From owner-freebsd-security@FreeBSD.ORG Wed Feb  7 14:29:17 2001
> Date: Wed, 7 Feb 2001 11:28:33 -0800 (PST)
> From: FreeBSD Security Advisories <security-advisories@FreeBSD.ORG>
> To: FreeBSD Security Advisories <security-advisories@FreeBSD.ORG>
> Subject: FreeBSD Security Advisory: FreeBSD-SA-01:10.bind [REVISED]
>
> -----BEGIN PGP SIGNED MESSAGE-----
>
> =============================================================================
> FreeBSD-SA-01:10                                           Security Advisory
>                                                                 FreeBSD, Inc.
>
> Topic:          bind remote denial of service [REVISED]
>
> Category:       core, ports
> Module:         bind
> Announced:      2001-01-23
> Revised:	2001-02-07
> Credits:	Fabio Pietrosanti <fabio@TELEMAIL.IT>
> Affects:        FreeBSD 3.x prior to the correction date.
> 		Ports collection prior to the correction date.
> Corrected:      2000-11-27 (FreeBSD 3.5-STABLE)
> 		2001-01-05 (Ports collection)
> Vendor status:  Updated version released
> FreeBSD only:   NO
>
> 0.   Revision History
>
> v1.0  2001-01-23  Initial release
> v1.1  2001-02-07  Rerelease to note the far more serious problems described
>                   in SA-01:18
>

<..>

>
> All versions of FreeBSD 3.x prior to the correction date including
> 3.5.1-RELEASE are vulnerable to this problem.  In addition, the bind8
> port in the ports collection is also vulnerable.  FreeBSD 4.x is not
> affected since it contains versions of BIND 8.2.3.
>


<...>


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200102081752.MAA50931>