Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: Igor Roshchin (strgiganda.komkon.org)
Date: Thu Feb 08 2001 - 11:52:19 CST
I already made this comment when the earlier advisory
on bind was issued:
Reference to 4.x is not completely correct (or at least,
confusing) , since 4.0-RELEASE had
earlier, vulnerable version of bind.
Kris, you probably forgot about your intention to correct that part
of the advisory.
> From owner-freebsd-securityFreeBSD.ORG Wed Feb 7 14:29:17 2001
> Date: Wed, 7 Feb 2001 11:28:33 -0800 (PST)
> From: FreeBSD Security Advisories <security-advisoriesFreeBSD.ORG>
> To: FreeBSD Security Advisories <security-advisoriesFreeBSD.ORG>
> Subject: FreeBSD Security Advisory: FreeBSD-SA-01:10.bind [REVISED]
> -----BEGIN PGP SIGNED MESSAGE-----
> FreeBSD-SA-01:10 Security Advisory
> FreeBSD, Inc.
> Topic: bind remote denial of service [REVISED]
> Category: core, ports
> Module: bind
> Announced: 2001-01-23
> Revised: 2001-02-07
> Credits: Fabio Pietrosanti <fabioTELEMAIL.IT>
> Affects: FreeBSD 3.x prior to the correction date.
> Ports collection prior to the correction date.
> Corrected: 2000-11-27 (FreeBSD 3.5-STABLE)
> 2001-01-05 (Ports collection)
> Vendor status: Updated version released
> FreeBSD only: NO
> 0. Revision History
> v1.0 2001-01-23 Initial release
> v1.1 2001-02-07 Rerelease to note the far more serious problems described
> in SA-01:18
> All versions of FreeBSD 3.x prior to the correction date including
> 3.5.1-RELEASE are vulnerable to this problem. In addition, the bind8
> port in the ports collection is also vulnerable. FreeBSD 4.x is not
> affected since it contains versions of BIND 8.2.3.
To Unsubscribe: send mail to majordomoFreeBSD.org
with "unsubscribe freebsd-security" in the body of the message