Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 29 Jan 2001 16:25:57 -0500
From:      "Peter Brezny" <peter@sysadmin-inc.com>
To:        <freebsd-security@freebsd.org>
Subject:   RE: [COVERT-2001-01] Multiple Vulnerabilities in BIND - FreeBSD Implications ?
Message-ID:  <005901c08a3a$121869e0$46010a0a@sysadmininc.com>
In-Reply-To: <20010129124450.A26735@xor.obsecurity.org>

next in thread | previous in thread | raw e-mail | index | archive | help
named -v on my 4.2-stable system reports 8.2.3-T6B

From the advisory I was under the impression that this one was ok.  Did I
miss something?

Peter Brezny
SysAdmin Services Inc.


-----Original Message-----
From: owner-freebsd-security@FreeBSD.ORG
[mailto:owner-freebsd-security@FreeBSD.ORG]On Behalf Of Kris Kennaway
Sent: Monday, January 29, 2001 3:45 PM
To: Si.
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: [COVERT-2001-01] Multiple Vulnerabilities in BIND - FreeBSD
Implications ?


On Mon, Jan 29, 2001 at 07:55:44PM +0000, Si. wrote:

> 1) The nice people ISC.
> 2) The nice people at freebsd-security, i.e. Kris and his team ?

It's fixed in BIND 8.2.3, which is being imported into 4.x and 3.x as
we speak (it's already in -current). I had hoped to have it done by
the time the advisories were released, but circumstances conspired to
prevent it.

The timing of our advisory 01:10 last week has potential for
confusion, but that does not relate to these recent bugs. We hope to
have a new advisory out in a couple of days, but in the meantime
everyone is urged to upgrade to 4.2-STABLE or 3.5-STABLE once the
upgrades are in, or switch to the bind8 port (also not yet updated).

I'll drop another note when the relevant upgrades are in place.

Kris



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?005901c08a3a$121869e0$46010a0a>