[I'm cc'ing this to [EMAIL PROTECTED], but they are probably already aware of things. I don't require a response from them, but if they do, a posting to the questions are announcement lists would be great. I don't need a personal response.]

As I'm sure many people know there is a newly discovered BIND vulnerability allowing cache injection (pharming). See

  http://www.isc.org/index.pl?/sw/bind/bind-security.php

for details.

The version of bind on 6.2, 9.3.3, looks like it is vulnerable (along with many other versions). It's not particularly an issue for me since my name servers aren't publicly queryable, but I am curios about how things like security problems in
src/contrib get handled in FreeBSD.

Cheers,

-j


--
Jeffrey Goldberg                        http://www.goldmark.org/jeff/

Reply via email to