Re: new bind security bug?




Firstly,
it is bad form to hijack a old thread and reply to it for a
new topic. How hard is it to type "freebsd-security@xxxxxxxxxxx"
into a To: field and start a new topic? Additionally it may not
be seen by anyone that had marked the old thread to be killed.

In message <4E1652AF.8000000@xxxxxxxxxx>, Michael Scheidell writes:
is this a new one?

Yes, these are new. From the referenced advisary notices.

Version 2.0 - 5 July 2011: Public Disclosure

The freebsd security team are aware of this.

<http://threatpost.com/en_us/blogs/new-bind-release-fixes-high-severity-remot
e-bugs-070611>

The high-severity vulnerability in many versions of the BIND software
has the effect of causing the BIND server to exit when it receives a
specially formatted packet. The ISC said that although it isn't aware of
any public exploits for the bug, it still recommends that organizations
upgrade to one of the newer versions of BIND, which include
9.6-ESV-R4-P3, 9.7.3-P3 or 9.8.0-P4.


--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka@xxxxxxx
_______________________________________________
freebsd-security@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"



Relevant Pages