Date: Mon, 29 Jan 2001 16:25:57 -0500 From: "Peter Brezny" <peter@sysadmin-inc.com> To: <freebsd-security@freebsd.org> Subject: RE: [COVERT-2001-01] Multiple Vulnerabilities in BIND - FreeBSD Implications ? Message-ID: <005901c08a3a$121869e0$46010a0a@sysadmininc.com> In-Reply-To: <20010129124450.A26735@xor.obsecurity.org>
next in thread | previous in thread | raw e-mail | index | archive | help
named -v on my 4.2-stable system reports 8.2.3-T6B From the advisory I was under the impression that this one was ok. Did I miss something? Peter Brezny SysAdmin Services Inc. -----Original Message----- From: owner-freebsd-security@FreeBSD.ORG [mailto:owner-freebsd-security@FreeBSD.ORG]On Behalf Of Kris Kennaway Sent: Monday, January 29, 2001 3:45 PM To: Si. Cc: freebsd-security@FreeBSD.ORG Subject: Re: [COVERT-2001-01] Multiple Vulnerabilities in BIND - FreeBSD Implications ? On Mon, Jan 29, 2001 at 07:55:44PM +0000, Si. wrote: > 1) The nice people ISC. > 2) The nice people at freebsd-security, i.e. Kris and his team ? It's fixed in BIND 8.2.3, which is being imported into 4.x and 3.x as we speak (it's already in -current). I had hoped to have it done by the time the advisories were released, but circumstances conspired to prevent it. The timing of our advisory 01:10 last week has potential for confusion, but that does not relate to these recent bugs. We hope to have a new advisory out in a couple of days, but in the meantime everyone is urged to upgrade to 4.2-STABLE or 3.5-STABLE once the upgrades are in, or switch to the bind8 port (also not yet updated). I'll drop another note when the relevant upgrades are in place. Kris To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?005901c08a3a$121869e0$46010a0a>