Re: Recent DNS vulnerabilities

To: netbsd current <current-users%netbsd.org@localhost>, netbsd-users%netbsd.org@localhost, tech-security%netbsd.org@localhost, security-announce%NetBSD.org@localhost
Subject: Re: Recent DNS vulnerabilities
From: Adrian Portelli <adrianp%NetBSD.org@localhost>
Date: Sat, 12 Jul 2008 07:19:17 +0100

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

Just a quick update to let everyone know that the pullups for the BIND
packages in pkgsrc have now been completed for pkgsrc-2008Q1.  If you
are currently running this branch please 'cvs update' and you will get
the updated BIND packages which include the fixes for the current issues.

In terms of the patches for the base OS we are still testing them and
the netbsd-4 patches appear to be working well.  In addition to this
we've had positive feedback on the patches for netbsd-3.

There was a typo in the URL for the patches that we're currently testing
at the moment in the last email I sent out.  The correct URL is:

ftp://ftp.astron.com/pub/people/christos/bind/

Please note that the patch for NetBSD 3 is currently not applying
correctly to the netbsd-3-0 branch, we are investigating this.  It does
apply correctly to the netbsd-3 and netbsd-3-1 branch.  The NetBSD 4
patch will apply successfully to both the netbsd-4 and netbsd-4-0 branches.

on behalf of NetBSD Security officer,

adrian.
-----BEGIN PGP SIGNATURE-----

iEYEARECAAYFAkh4TN4ACgkQLc2rR0mnFJ+fpgCeNDpfg8pEKQsoppG42iQnM3MP
NEwAn21W3uVaYw3izMHodohoOjAjeUK/
=kFaZ
-----END PGP SIGNATURE-----

Prev by Date: Recent DNS vulnerabilities
Next by Date: NetBSD Security Advisory 2008-009: BIND cache poisoning
Previous by Thread: Recent DNS vulnerabilities
Next by Thread: NetBSD Security Advisory 2008-009: BIND cache poisoning
Indexes:

Home | Main Index | Thread Index | Old Index