> Well, bind links against it and of course all shell tools which come with it > (dig, nslookup et all). I'm not sure what else. For peace of mind I just > threw a PKG with bind-8.3.3 together, but as Eddy said, upgrading from the > sources is also easy enough. >
Doing that is all well and good, but you must not forget about the other software that is linked staticaly with the affected library itself. On the reports I have seen this includes sendmail etc... so this is another "zlib style" security problem. Thats not fixed by a simple update of one "main" package. ChrisB. -- http://ChrisBurton.info/ http://www.tyneside.lug.org.uk/ _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
