From owner-freebsd-security Tue Feb 20 18: 2:32 2001 Delivered-To: freebsd-security@freebsd.org Received: from mta6.snfc21.pbi.net (mta6.snfc21.pbi.net [206.13.28.240]) by hub.freebsd.org (Postfix) with ESMTP id D609937B65D; Tue, 20 Feb 2001 18:02:24 -0800 (PST) (envelope-from kris@obsecurity.org) Received: from xor.obsecurity.org ([64.165.226.103]) by mta6.snfc21.pbi.net (Sun Internet Mail Server sims.3.5.2000.01.05.12.18.p9) with ESMTP id <0G8G00180G36PA@mta6.snfc21.pbi.net>; Thu, 8 Feb 2001 12:11:31 -0800 (PST) Received: by xor.obsecurity.org (Postfix, from userid 1000) id 3EDC966CBE; Thu, 08 Feb 2001 12:14:12 -0800 (PST) Date: Thu, 08 Feb 2001 12:14:12 -0800 From: Kris Kennaway Subject: Re: FreeBSD Security Advisory: FreeBSD-SA-01:10.bind [REVISED] In-reply-to: <200102081752.MAA50931@giganda.komkon.org>; from str@giganda.komkon.org on Thu, Feb 08, 2001 at 12:52:19PM -0500 To: Igor Roshchin Cc: security-officer@freebsd.org, security@freebsd.org Message-id: <20010208121412.A46381@mollari.cthul.hu> MIME-version: 1.0 Content-type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="IS0zKkzwUGydFO0o" Content-disposition: inline User-Agent: Mutt/1.2.5i References: <200102081752.MAA50931@giganda.komkon.org> Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org --IS0zKkzwUGydFO0o Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Feb 08, 2001 at 12:52:19PM -0500, Igor Roshchin wrote: >=20 > I already made this comment when the earlier advisory > on bind was issued: > Reference to 4.x is not completely correct (or at least, > confusing) , since 4.0-RELEASE had > earlier, vulnerable version of bind. >=20 > Kris, you probably forgot about your intention to correct that part > of the advisory. Yeah, I did forget, but I don't think it's really important since SA-01:18 affects 4.0 and is far more serious. I don't want people saying "oh, we run 4.0, so we don't have bind problems" - as noted in this rerelease there's a big discrepancy between downloads of 01:10 and 01:18 for some reason. Kris --IS0zKkzwUGydFO0o Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE6gv4TWry0BWjoQKURArd6AKCuUN4AZiprn6VtDzZA33SdwknuvwCgiHFC xf1s5waugrDypJaLvAFmMKU= =epGP -----END PGP SIGNATURE----- --IS0zKkzwUGydFO0o-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message