From owner-freebsd-security@FreeBSD.ORG  Thu Feb  1 21:20:55 2007
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
X-Original-To: freebsd-security@freebsd.org
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 1158A16A400
	for <freebsd-security@freebsd.org>;
	Thu,  1 Feb 2007 21:20:55 +0000 (UTC)
	(envelope-from cperciva@freebsd.org)
Received: from pd4mo2so.prod.shaw.ca (shawidc-mo1.cg.shawcable.net
	[24.71.223.10])
	by mx1.freebsd.org (Postfix) with ESMTP id DF57313C441
	for <freebsd-security@freebsd.org>;
	Thu,  1 Feb 2007 21:20:54 +0000 (UTC)
	(envelope-from cperciva@freebsd.org)
Received: from pd5mr3so.prod.shaw.ca
	(pd5mr3so-qfe3.prod.shaw.ca [10.0.141.144]) by l-daemon
	(Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15 2004))
	with ESMTP id <0JCS00J2BZAVU2G0@l-daemon> for
	freebsd-security@freebsd.org; Thu, 01 Feb 2007 14:20:55 -0700 (MST)
Received: from pn2ml4so.prod.shaw.ca ([10.0.121.148])
	by pd5mr3so.prod.shaw.ca (Sun Java System Messaging Server 6.2-7.05
	(built Sep
	5 2006)) with ESMTP id <0JCS008TBZ4KT4D0@pd5mr3so.prod.shaw.ca> for
	freebsd-security@freebsd.org; Thu, 01 Feb 2007 14:17:09 -0700 (MST)
Received: from hexahedron.daemonology.net ([24.82.18.31])
	by l-daemon (Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15
	2004)) with SMTP id <0JCS004PLYXNW911@l-daemon> for
	freebsd-security@freebsd.org; Thu, 01 Feb 2007 14:13:00 -0700 (MST)
Received: (qmail 63375 invoked from network); Thu, 01 Feb 2007 21:12:58 +0000
Received: from unknown (HELO ?127.0.0.1?) (127.0.0.1)
	by localhost with SMTP; Thu, 01 Feb 2007 21:12:58 +0000
Date: Thu, 01 Feb 2007 13:12:58 -0800
From: Colin Percival <cperciva@freebsd.org>
In-reply-to: <45C24D57.3000704@mac.com>
To: Chuck Swiger <cswiger@mac.com>
Message-id: <45C257DA.7010205@freebsd.org>
MIME-version: 1.0
Content-type: text/plain; charset=ISO-8859-1
Content-transfer-encoding: 7bit
X-Enigmail-Version: 0.94.0.0
References: <001601c74428$ff9d54b0$ab76ed54@odipw>
	<45BEE27D.1050804@FreeBSD.org> <45BFA1B3.9040000@rxsec.com>
	<45C23DAA.9040108@FreeBSD.org> <45C24D57.3000704@mac.com>
User-Agent: Thunderbird 1.5.0.9 (X11/20061227)
Cc: freebsd-security@freebsd.org, Chris Marlatt <cmarlatt@rxsec.com>
Subject: Re: What about BIND 9.3.4 in FreeBSD in base system ?
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Security issues \[members-only posting\]"
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 01 Feb 2007 21:20:55 -0000

Chuck Swiger wrote:
> I've been bitten by CVE-2006-4096, and have applied the workaround to
> limit the # of outstanding queries.  I've got two nameservers tracking
> 5-STABLE which were vulnerable to CVE-2006-4095

You realize that these two issues were addressed in FreeBSD-SA-06:20.bind
on September 6th, right?

Colin Percival