Date: Sat, 29 Jun 2002 12:34:55 -0600 From: Brett Glass <brett@lariat.org> To: Mark.Andrews@isc.org Cc: security@FreeBSD.ORG Subject: Re: libc flaw: BIND 9 closes most holes but also opens one Message-ID: <4.3.2.7.2.20020629123101.02ed2df0@localhost> In-Reply-To: <200206290335.g5T3ZUm0059814@drugs.dv.isc.org> References: <Your message of "Fri, 28 Jun 2002 16:59:25 CST." <200206282259.QAA03790@lariat.org>
next in thread | previous in thread | raw e-mail | index | archive | help
At 09:35 PM 6/28/2002, Mark.Andrews@isc.org wrote: > Firstly lib/bind is *not* built by default. You have to > explictly build it with "configure --enable-libbind". If that's so, you may still have an old libbind on your system which is vulnerable. ONLY the libbind from 8.3.3 is immune. > "libbind" is a *copy* of BIND 8's libbind which *is* fixed > in 8.2.6 and 8.3.3. Only in 8.3.3, according to ISC. BIND 9.2.1's libbind is not fixed. See http://www.cert.org/advisories/CA-2002-19.html --Brett To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4.3.2.7.2.20020629123101.02ed2df0>