Date:      Fri, 28 Jun 2002 16:59:25 -0600 (MDT)
From:      Brett Glass <brett@lariat.org>
To:        security@freebsd.org
Subject:   libc flaw: BIND 9 closes most holes but also opens one
Message-ID:  <200206282259.QAA03790@lariat.org>

I've installed BIND 9 on our main domain name server to shield systems
(including Windows boxes, which may be vulnerable) from the libc hole.
Unfortunately, according to ISC, BIND 9 comes with a version of
libbind that's vulnerable. (See http://www.cert.org/advisories/CA-2002-19.html.)
So, if you load up BIND 9 and an app that uses it (such as Sendmail) links
to the vulnerable libbind, you're still exposed.

This problem may take even longer to mop up than I first thought (and I was
pessimistic to start with). I was slated to build a new server today, but
since 4.6-RELEASE-p1 isn't up on the Japanese snapshot server yet,
I think I'll wait.

--Brett
