From owner-freebsd-stable Wed Jan 31 7: 4:28 2001 Delivered-To: freebsd-stable@freebsd.org Received: from harp.wrdp.com (harp.dublin.wrdp.net [212.147.130.131]) by hub.freebsd.org (Postfix) with ESMTP id 2204E37B4EC for ; Wed, 31 Jan 2001 07:04:09 -0800 (PST) Received: from JRAFTERY (jraftery.dublin.wrdp.net [172.16.4.52]) by harp.wrdp.com (Postfix) with SMTP id 130C810AC1 for ; Wed, 31 Jan 2001 15:04:00 +0000 (GMT) Message-ID: <002901c08b97$552032f0$340410ac@JRAFTERY> From: "James Raftery" To: References: <77A588078DF6D3118C0A00508B8E0367038757F2@AMSHQB-EXCH02> Subject: Re: Bind 8.2.3-T5B Date: Wed, 31 Jan 2001 15:06:04 -0000 Organization: Worldport Communications Inc MIME-Version: 1.0 Content-Type: text/plain; charset="Windows-1252" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4133.2400 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > Does the above bind version have the recently announced "ispig" bug? I don't know of a "ispig" bug. The two released recently for BIND 8.x are called "tsig" and "infoleak" at http://www.isc.org/products/BIND/bind-security.html All versions of BIND 8 before 8.2.3 (including betas) have these bugs present. > What is the best way to update to the next version of bind that doesn't have > the bug? I'm running 4.1.1. You can update to 4-STABLE using the instructions at http://www.freebsd.org/handbook/cutting-edge.html. Or, you can install the port of 8.2.3 from /usr/ports/net/bind8 (make sure you have a recent copy of the ports tree) which will install BIND 8.2.3 under /usr/local. You need to then use /usr/local/sbin/named instead of /usr/sbin/named. Regards, james To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message