Date: Wed, 08 Jul 2015 11:29:21 -0500 From: Mark Felder <feld@FreeBSD.org> To: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-15:11.bind Message-ID: <1436372961.2331021.318495625.381B9FCC@webmail.messagingengine.com> In-Reply-To: <20150707232549.4D7A31B0D@freefall.freebsd.org> References: <20150707232549.4D7A31B0D@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Jul 7, 2015, at 18:25, FreeBSD Security Advisories wrote: > > IV. Workaround > > No workaround is available, but hosts not running named(8) are not > vulnerable. > Why is no workaround available? Can't you just disable DNSSEC validation? dnssec-enable no; dnssec-validation no; In fact, don't they have to be explicitly enabled anyway?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1436372961.2331021.318495625.381B9FCC>