fyi. Anyone knows anything about it? ----- Original Message ----- From: "John" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, March 04, 2003 13:04 Subject: BIND 9.2.2 Vulnerabilities?
| | The ISC website lists the following as of today: | | http://www.isc.org/products/BIND/bind-security.html | | "ISC has discovered or has been notified of several bugs which can result | in vulnerabilities of varying levels of severity in BIND as distributed by | ISC. Upgrading to BIND version 9.2.2 is strongly recommended. If you | cannot upgrade, BIND 8.3.4, 8.2.7, and 4.9.11 are available." | | 9.2.2 apparently was just released yesterday though I've seen no | discussion about any specific vulnerabilities. | | The matrix at the bottom of the list shows two vulnerabilities, one with | openssl, the other with libbind. | | Can anyone elaborate on what's happened here? I susbscribe to the BIND | mailing list and haven't heard anything about this issue. | | Thx | | _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
