From owner-freebsd-security@FreeBSD.ORG  Tue Jul 30 09:01:19 2013
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTP id 4AE75EB0
 for <freebsd-security@freebsd.org>; Tue, 30 Jul 2013 09:01:19 +0000 (UTC)
 (envelope-from erwin@mail.droso.net)
Received: from mail.droso.net (koala.droso.dk [213.239.220.246])
 (using TLSv1 with cipher ADH-CAMELLIA256-SHA (256/256 bits))
 (No client certificate requested)
 by mx1.freebsd.org (Postfix) with ESMTPS id 0C8112E99
 for <freebsd-security@freebsd.org>; Tue, 30 Jul 2013 09:01:18 +0000 (UTC)
Received: by mail.droso.net (Postfix, from userid 1001)
 id 34DD0820E; Tue, 30 Jul 2013 11:01:16 +0200 (CEST)
Date: Tue, 30 Jul 2013 11:01:16 +0200
From: Erwin Lansing <erwin@lansing.dk>
To: Peter Losher <plosher@plosh.net>
Subject: Re: bind9 and CVE-2013-4854
Message-ID: <20130730090115.GK84587@droso.dk>
References: <20130726230549.GB64252@lonrach.local>
 <CAMCLrkF8u-UmMnfG9=RkGMWYZn+L4vK7Mg1XW_pa9HbdLx4r8w@mail.gmail.com>
 <20130727085458.GB68862@lonrach.local>
 <46029EF7-D574-4953-AE8D-4BA79F5295BB@plosh.net>
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
In-Reply-To: <46029EF7-D574-4953-AE8D-4BA79F5295BB@plosh.net>
X-Operating-System: FreeBSD/amd64 9.1-RELEASE
User-Agent: Mutt/1.5.21 (2010-09-15)
X-Mailman-Approved-At: Tue, 30 Jul 2013 11:27:27 +0000
Cc: freebsd-security@freebsd.org
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: "Security issues \[members-only posting\]"
 <freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 30 Jul 2013 09:01:19 -0000

On Sat, Jul 27, 2013 at 11:06:09AM -0700, Peter Losher wrote:
> On 27 Jul 2013, at 1:54, Ollivier Robert wrote:
> 
> > According to Mark Boolootian:
> >> Thank you very much for that.  Does this include the RRL/RPZ patches?
> >
> > The -P1 patch seems to apply and run on the -P2 version (security 
> > patch is very isolated to one line).
> 
> Note that this week ISC have announced going forward that RRL will be 
> integrated into the mainline BIND releases.
> 
> Re: 
> http://www.isc.org/blogs/isc-adds-ddos-defense-module-to-bind-software/
> 
> So the need for patches for RRL will be a moot point soon??? ;)
> 

That's good news indeed, thanks for the pointer Peter.

Erwin

-- 
Erwin Lansing                       (o_ _o)        http://droso.dk
                                 \\\_\   /_///
erwin@lansing.dk                 <____) (____>