From owner-freebsd-security Thu Feb 22 23:13:23 2001 Delivered-To: freebsd-security@freebsd.org Received: from homer.softweyr.com (bsdconspiracy.net [208.187.122.220]) by hub.freebsd.org (Postfix) with ESMTP id 4EEAB37B491 for ; Thu, 22 Feb 2001 23:13:18 -0800 (PST) (envelope-from wes@softweyr.com) Received: from [127.0.0.1] (helo=softweyr.com ident=Fools trust ident!) by homer.softweyr.com with esmtp (Exim 3.16 #1) id 14WCa0-0000fP-00; Fri, 23 Feb 2001 00:23:52 -0700 Message-ID: <3A961008.5EF9D154@softweyr.com> Date: Fri, 23 Feb 2001 00:23:52 -0700 From: Wes Peters Organization: Softweyr LLC X-Mailer: Mozilla 4.75 [en] (X11; U; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 To: Peter Pentchev Cc: George.Giles@mcmail.vanderbilt.edu, freebsd-security@freebsd.org Subject: Re: Bind vulnerability References: <20010222172509.E440@ringworld.oblivion.bg> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Peter Pentchev wrote: > > On Thu, Feb 22, 2001 at 09:22:03AM -0600, George.Giles@mcmail.vanderbilt.edu wrote: > > The bind vulnerability has been fixed in 4.2-current ? > > There is no such thing as 4.2-current. 4.2 is a place, -CURRENT is a direction. The latest (several) bind vulnerability(s) existed in 4.2, but have been fixed in -CURRENT (only for system developers, quite scary and unstable) and -STABLE (useful for real work). > The BIND vulnerability has been fixed in 4.2-STABLE, yes. Technically, -STABLE is a direction also. But the bind vulnerability(s) are fixed in -STABLE. Read the handbook about using cvsup. -- "Where am I, and what am I doing in this handbasket?" Wes Peters Softweyr LLC wes@softweyr.com http://softweyr.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message