The release notes for BIND 9.7.3 contain this:
* A bug in NetBSD and FreeBSD kernels with SO_ACCEPTFILTER enabled
allows for a TCP DoS attack. Until there is a kernel fix, ISC is
disabling SO_ACCEPTFILTER support in BIND. [RT #22589]
The CHANGES file also says:
2996. [security] Temporarily disable SO_ACCEPTFILTER support.
[RT #22589]
Can anyone tell me more? What releases are affected? Is a kernel patch in the
works?
Thanks in advance,
Eric
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "[email protected]"
