Is this something we should worry about with STN v2.1.3???
--==jb==--
--
========================================================================
john burton The SANDBOX ** MultiLine Linux
mailto:[EMAIL PROTECTED]
MidWest City, Oklahoma
finger:[EMAIL PROTECTED]
========================================================================
Aaron Grewell wrote:
>
> Does anybody know what's different between p3 and p5? According to ISC's site,
>anything higher than
> p2 doesn't have the vulnerabilities reported to CERT, but I wasn't able to find a
>description of the
> differences between the patch revs.
>From the BIND 8.2.2-P5 release announcement from Paul Vixie:
---------------
Some highlights vs. BIND 8.2.2:
Bug in named-xfer (from patchlevel 4).
Portability to IPv6 versions of FreeBSD, OpenBSD, NetBSD.
Portability improvements (A/UX, AIX, IRIX, NetBSD, SCO, MPE/IX,
NT).
"also-notify" option could cause memory allocation errors.
IXFR improvements (though client-side is still disabled).
Contributed software upgraded (including TIS's "dns_signer").
Several latent denial-of-service bugs fixed (from audits, not
abuse).
New "make noesw" top-level target for removing encumbered
components.
---------------
Other than the "latent denial-of-service bugs", moving from Patchlevel 3 to
5 is an ordinary bug fix release. I'd still recommend that anyone running
BIND on a primary server download, compile, and install the latest release
from ftp://ftp.isc.org/isc/bind/src/8.2.2-P5/.
When 8.2.2-P3 was released, there was a small "patch4" file in the source
directory that fixed named-xfer (zone transfers). I don't know if Caldera
included this one-line patch in their 8.2.2-p3 RPM (I recompiled from the
source and applied the patch in my own source tree).
-- Lee E. Brotzman E-mail: [EMAIL PROTECTED]
-- Allied Technology Group Phone : 814-861-5028
---------------------------------------------------------------------
Archive: http://www.mail-archive.com/[email protected]
To unsubscribe, e-mail: [EMAIL PROTECTED]
