From: "Simon L. Nielsen"
Date: Wed, 25 Jul 2007 01:46:36 +0200
To: FreeBSD Questions, freebsd-security@FreeBSD.org
Cc: FreeBSD Security Team, Jeffrey Goldberg
Subject: Re: Waiting for BIND security announcement
Message-ID: <20070724234636.GA6738@zaphod.nitro.dk>

[freebsd-security@ CC'ed to avoid answering the same there again shortly
:) - if following up, please drop either freebsd-questions or
freebsd-security to avoid "spamming" both lists]

On 2007.07.24 18:15:43 -0500, Jeffrey Goldberg wrote:
> As I'm sure many people know there is a newly discovered BIND vulnerability
> allowing cache injection (pharming). See
>
> http://www.isc.org/index.pl?/sw/bind/bind-security.php
>
> for details.
>
> The version of bind on 6.2, 9.3.3, looks like it is vulnerable (along with
> many other versions). It's not particularly an issue for me since my name
> servers aren't publicly queryable, but I am curious about how things like
> security problems in src/contrib get handled in FreeBSD.

Yes, the FreeBSD Security Team and the FreeBSD BIND maintainer are
aware of the issue and are working on fixing it in FreeBSD as soon as
possible.

More details about the issue can be found at:
http://www.isc.org/sw/bind/bind-security.php .

Our general security handling policies can be found at:
http://security.FreeBSD.org/ .

-- 
Simon L. Nielsen
FreeBSD Deputy Security Officer