From owner-freebsd-security@FreeBSD.ORG Fri Jul 8 02:20:39 2011 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D913F106564A for ; Fri, 8 Jul 2011 02:20:39 +0000 (UTC) (envelope-from marka@isc.org) Received: from mx.pao1.isc.org (mx.pao1.isc.org [IPv6:2001:4f8:0:2::2b]) by mx1.freebsd.org (Postfix) with ESMTP id BE2A28FC08 for ; Fri, 8 Jul 2011 02:20:39 +0000 (UTC) Received: from bikeshed.isc.org (bikeshed.isc.org [IPv6:2001:4f8:3:d::19]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (Client CN "bikeshed.isc.org", Issuer "ISC CA" (verified OK)) by mx.pao1.isc.org (Postfix) with ESMTPS id 499F4C94C7; Fri, 8 Jul 2011 02:20:30 +0000 (UTC) (envelope-from marka@isc.org) Received: from drugs.dv.isc.org (unknown [IPv6:2001:470:1f00:820:6233:4bff:fe01:7585]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by bikeshed.isc.org (Postfix) with ESMTPSA id F1AB9216C7B; Fri, 8 Jul 2011 02:20:29 +0000 (UTC) (envelope-from marka@isc.org) Received: from drugs.dv.isc.org (localhost [127.0.0.1]) by drugs.dv.isc.org (Postfix) with ESMTP id 86B27119C12F; Fri, 8 Jul 2011 12:20:26 +1000 (EST) To: Michael Scheidell From: Mark Andrews References: <4E1652AF.8000000@secnap.com> In-reply-to: Your message of "Thu, 07 Jul 2011 20:43:27 -0400." <4E1652AF.8000000@secnap.com> Date: Fri, 08 Jul 2011 12:20:26 +1000 Message-Id: <20110708022026.86B27119C12F@drugs.dv.isc.org> X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,T_RP_MATCHES_RCVD autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mx.pao1.isc.org Cc: freebsd-security@freebsd.org Subject: Re: new bind security bug? X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 08 Jul 2011 02:20:39 -0000 Firstly, it is bad form to hijack a old thread and reply to it for a new topic. How hard is it to type "freebsd-security@freebsd.org" into a To: field and start a new topic? Additionally it may not be seen by anyone that had marked the old thread to be killed. In message <4E1652AF.8000000@secnap.com>, Michael Scheidell writes: > is this a new one? Yes, these are new. From the referenced advisary notices. Version 2.0 - 5 July 2011: Public Disclosure The freebsd security team are aware of this. > e-bugs-070611> > > The high-severity vulnerability in many versions of the BIND software > has the effect of causing the BIND server to exit when it receives a > specially formatted packet. The ISC said that although it isn't aware of > any public exploits for the bug, it still recommends that organizations > upgrade to one of the newer versions of BIND, which include > 9.6-ESV-R4-P3, 9.7.3-P3 or 9.8.0-P4. > > -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka@isc.org