Date: Fri, 28 Jan 2005 20:47:44 +0000 (UTC) From: Doug Barton <dougb@FreeBSD.org> To: ports-committers@FreeBSD.org, cvs-ports@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: ports/dns/bind9 Makefile distinfo Message-ID: <200501282047.j0SKljjP056578@repoman.freebsd.org>
index | next in thread | raw e-mail
dougb 2005-01-28 20:47:44 UTC
FreeBSD ports repository
Modified files:
dns/bind9 Makefile distinfo
Log:
Include a patch from ISC to deal with the following vulnerability:
Name: BIND: Self Check Failing [Added 2005.25.01]
Versions affected: BIND 9.3.0
Severity: LOW
Exploitable: Remotely
Type: Denial of Service
Description:
An incorrect assumption in the validator (authvalidated) can result in a
REQUIRE (internal consistancy) test failing and named exiting.
Workarounds:
Turn off dnssec validation (off by default) at the options/view level.
dnssec-enable no;
Active Exploits: None known
Bump PORTREVISION accordingly.
It should be noted that the vast majority of users would not have
DNSSEC enabled, and therefore are not vulnerable to this bug.
Revision Changes Path
1.61 +9 -1 ports/dns/bind9/Makefile
1.34 +4 -0 ports/dns/bind9/distinfo
help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200501282047.j0SKljjP056578>