Re: ISC Security Advisory: CVE-2013-2266: A Maliciously Crafted Regular Expression Can Cause Memory Exhaustion in named

2013-03-26 Thread Mark Andrews
In message <20130326163235.ga31...@redhat.com>, Adam Tkac writes:
> Hello,
>
> if I understand correctly, this isn't an issue in BIND itself but it is some memory leak in the underlying regexp library (glibc in the Linux case). Can you please clarify which exact flaw in glibc (or other regex imple

RE: ISC Security Advisory: CVE-2013-2266: A Maliciously Crafted Regular Expression Can Cause Memory Exhaustion in named

2013-03-26 Thread Jack Tavares
Thank you. -- Jack Tavares From: ISC Support Staff [support-st...@isc.org] Sent: Tuesday, March 26, 2013 11:08 To: Jack Tavares Cc: bind-us...@isc.org Subject: Re: ISC Security Advisory: CVE-2013-2266: A Maliciously Crafted Regular Expression Can Cause

Re: ISC Security Advisory: CVE-2013-2266: A Maliciously Crafted Regular Expression Can Cause Memory Exhaustion in named

2013-03-26 Thread ISC Support Staff
On 3/26/13 10:05 AM, Jack Tavares wrote: I have a request for clarification: The workaround states to rebuild BIND with regexp support disabled. And I see new versions of BIND have been released. Are those versions just a rebuild with regexp support disabled? Or are they a more comprehensive f

RE: ISC Security Advisory: CVE-2013-2266: A Maliciously Crafted Regular Expression Can Cause Memory Exhaustion in named

2013-03-26 Thread Jack Tavares
: CVE-2013-2266: A Maliciously Crafted Regular Expression Can Cause Memory Exhaustion in named Note: This email advisory is provided for your information. The most up to date advisory information will always be at: https://kb.isc.org/article/AA-00871 please use this URL for the

Re: ISC Security Advisory: CVE-2013-2266: A Maliciously Crafted Regular Expression Can Cause Memory Exhaustion in named

2013-03-26 Thread Adam Tkac
Hello, if I understand correctly, this isn't an issue in BIND itself but it is some memory leak in the underlying regexp library (glibc in the Linux case). Can you please clarify which exact flaw in glibc (or other regex implementation) makes BIND vulnerable to remote DoS? Is it already reported to regex lib

ISC Security Advisory: CVE-2013-2266: A Maliciously Crafted Regular Expression Can Cause Memory Exhaustion in named

2013-03-26 Thread ISC Support Staff
Note: This email advisory is provided for your information. The most up to date advisory information will always be at: https://kb.isc.org/article/AA-00871 please use this URL for the most up to date advisory information. --- A critical defect in BIND 9 allows an attacker to cause exce