Also bad form to top post. Should i amso mispell some words so you can amuae
yourself?
--
Michael Scheidell, CTO
SECNAP Network Security
-----Original message-----
From: Mark Andrews <marka@isc.org>
To: Michael Scheidell <michael.scheidell@secnap.com>
Cc: "freebsd-security@freebsd.org"
<freebsd-security@freebsd.org>
Sent: Fri, Jul 8, 2011 02:20:48 GMT+00:00
Subject: Re: new bind security bug?
Firstly,
it is bad form to hijack a old thread and reply to it for a
new topic. How hard is it to type "freebsd-security@freebsd.org"
into a To: field and start a new topic? Additionally it may not
be seen by anyone that had marked the old thread to be killed.
In message <4E1652AF.8000000@secnap.com>, Michael Scheidell
writes:> is this a new one?
Yes, these are new. From the referenced advisary notices.
Version 2.0 - 5 July 2011: Public Disclosure
The freebsd security team are aware of this.
>
<http://threatpost.com/en_us/blogs/new-bind-release-fixes-high-severity-remot
> e-bugs-070611>
>
> The high-severity vulnerability in many versions of the BIND software
> has the effect of causing the BIND server to exit when it receives a
> specially formatted packet. The ISC said that although it isn't aware
of
> any public exploits for the bug, it still recommends that organizations
> upgrade to one of the newer versions of BIND, which include
> 9.6-ESV-R4-P3, 9.7.3-P3 or 9.8.0-P4.
>
>
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka@isc.org