Date: Fri, 02 Feb 2007 10:19:19 +1100 From: Mark Andrews <Mark_Andrews@isc.org> To: Doug Barton <dougb@freebsd.org> Cc: freebsd-security@freebsd.org, Chris Marlatt <cmarlatt@rxsec.com> Subject: Re: What about BIND 9.3.4 in FreeBSD in base system ? Message-ID: <200702012319.l11NJJ7r065204@drugs.dv.isc.org> In-Reply-To: Your message of "Thu, 01 Feb 2007 11:21:14 -0800." <45C23DAA.9040108@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
> Chris Marlatt wrote: > > Doug Barton wrote: > >> > >> plan to MFC it after 4 or 5 days. I am actually considering only > >> MFC'ing it to RELENG_6 to help provide some incentive for those on 5.x > >> to upgrade. > >> > > > > One would assume that the release would be supported up until the EOL > > provided on freebsd.org of May 31, 2008. > > Yes, but whether a full upgrade is needed for "support" or not depends > on your definition. Given that FreeBSD is not vulnerable to these > issues in its default configuration, one could easily argue that an > upgrade for RELENG_5 isn't necessary. > > Doug The subject here is 9.3.4. All the issues raised in this thread so far were addressed as of 9.3.2-P2 / 9.3.3. To the best of my knowledge these have already been addresed. There are two new issue for 9.3.4. CVE-2007-0494 which is only a problem if you are doing DNSEC validation. CVE-2007-0493 which any recursive 9.3.x (x<4) named is vulnerable. Mark > -- > > This .signature sanitized for your protection > > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews@isc.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200702012319.l11NJJ7r065204>