Dag-Erling Smorgrav <desofug.org> probably said:
> As far as I know, named itself is not vulnerable, but libbind contains
> the bug, and software that uses libbind's gethost*() (nothing in the
> base system does) is vulnerable.

Does -STABLE's /usr/bin/dig, host, etc, not use libbind, then ?

strings on the binary suggests otherwise.

\pir

-- 
pir                pir-sigpir.net                 pir-signet.tufts.edu
To Unsubscribe: send mail to majordomoFreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]