Jan Niehusmann <[EMAIL PROTECTED]> writes:
> I assume lynda will get a lot of emails...
Yes, this is an interesting way of distributing critical security
patches. Anybody can get the patches from there, so it's very likely
that the underground has them now.
--
Florian Weimer
Javier Fernández-Sanguino Peña <[EMAIL PROTECTED]> writes:
> I can't speak for the security team (since I'm not part of it). As
> far as I know these vulnerabilities are there in the Debian version. As a
> matter of fact ISS seems to have given only 9 hours of previous notice to
> vendors (a
Jan Niehusmann <[EMAIL PROTECTED]> writes:
> I assume lynda will get a lot of emails...
Yes, this is an interesting way of distributing critical security
patches. Anybody can get the patches from there, so it's very likely
that the underground has them now.
--
Florian Weimer
Javier Fernández-Sanguino Peña <[EMAIL PROTECTED]> writes:
> I can't speak for the security team (since I'm not part of it). As
> far as I know these vulnerabilities are there in the Debian version. As a
> matter of fact ISS seems to have given only 9 hours of previous notice to
> vendors (a
On Wed, Nov 13, 2002 at 09:52:09AM +0100, Jan Niehusmann wrote:
> ISC recommends that BIND installations should be upgraded to BIND version
> 4.9.11, 8.2.7, 8.3.4 or to BIND version 9.
>
> (from http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21469)
Well, sorry, I should have c
On Wed, Nov 13, 2002 at 09:39:05AM +0100, Javier Fernández-Sanguino Peña wrote:
> Unfortunately the only way to fix it currently (since even ISCs
> has not published patches although there seems to be some patches
> available from unofficial sources) is to upgrade to bind9. Yuck
ISC recommen
On Wed, Nov 13, 2002 at 12:31:48AM -0500, Roger Ward wrote:
> It is my understanding all of these vulnerabilities exist in the *stock*
> version of Bind 8.3.3-REL from ISC.
>
> Have any of these issues been addressed in the current version?
I can't speak for the security team (since I'm
On Wed, Nov 13, 2002 at 09:52:09AM +0100, Jan Niehusmann wrote:
> ISC recommends that BIND installations should be upgraded to BIND version 4.9.11,
>8.2.7, 8.3.4 or to BIND version 9.
>
> (from http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21469)
Well, sorry, I should have ch
On Wed, Nov 13, 2002 at 09:39:05AM +0100, Javier Fernández-Sanguino Peña wrote:
> Unfortunately the only way to fix it currently (since even ISCs
> has not published patches although there seems to be some patches
> available from unofficial sources) is to upgrade to bind9. Yuck
ISC recommen
On Wed, Nov 13, 2002 at 12:31:48AM -0500, Roger Ward wrote:
> It is my understanding all of these vulnerabilities exist in the *stock* version of
>Bind 8.3.3-REL from ISC.
>
> Have any of these issues been addressed in the current version?
I can't speak for the security team (since I'm
It is my understanding all of these vulnerabilities
exist in the *stock* version of Bind 8.3.3-REL from ISC.
Have any of these issues been addressed in the
current version?
CAN-2002-1219 BIND SIG Cached RR Overflow Vulnerability CAN-2002-1220
BIND OPT DoS CAN-2002-1221 BIND SIG Expiry Ti
It is my understanding all of these vulnerabilities
exist in the *stock* version of Bind 8.3.3-REL from ISC.
Have any of these issues been addressed in the
current version?
CAN-2002-1219 BIND SIG Cached RR Overflow Vulnerability CAN-2002-1220
BIND OPT DoS CAN-2002-1221 BIND SIG Expiry Ti
12 matches
Mail list logo
