Date: Fri, 28 Jun 2002 19:43:28 -0600 (MDT) From: "M. Warner Losh" <imp@village.org> To: DougB@FreeBSD.org Cc: rwatson@FreeBSD.org, cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: ports/net/bind8 Makefile distinfo ports/net/bind8/files patch-aa Message-ID: <20020628.194328.51639012.imp@village.org> In-Reply-To: <20020628182743.I16738-100000@zoot.corp.yahoo.com> References: <Pine.NEB.3.96L.1020628205629.30000A-100000@fledge.watson.org> <20020628182743.I16738-100000@zoot.corp.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
In message: <20020628182743.I16738-100000@zoot.corp.yahoo.com>
Doug Barton <DougB@FreeBSD.org> writes:
: Actually it's still debatable just how possible it is to exploit the
: resolver bug at all, but that's another topic.
I'm pretty sure it is exploitable. Lots of folks that fix these
things think that it is exploitable. It is better to assume that it
is exploitable and upgrade, than to put one's faith in what reads on
the net on this topic. I mean if Theo is willing to take down the 5
years w/o a root exploit in the base install from the OpenBSD web
page, you know it has got to be real :-)
Warner
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020628.194328.51639012.imp>