On Jan 19, 2010, at 12:28 PM, Evan Hunt wrote:
BIND 9.6.1-P3 is a SECURITY PATCH for BIND 9.6.1. It addresses two potential cache poisoning vulnerabilities, both of which could allow a validating recursive nameserver to cache data which had not been authenticated or was invalid.
Do these vulnerabilities only apply to recursive name servers that have DNSSEC trusted keys or lookaside keys configured? Or do they also apply if the server has dnssec-enable & dnssec-validation enabled (as by default on 9.6.x) but no trusted keys or lookaside keys configured?
Thanks, Dave Coulthart _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
