diff options
| author | Doug Barton <dougb@FreeBSD.org> | 2007-07-24 22:02:16 +0000 |
|---|---|---|
| committer | Doug Barton <dougb@FreeBSD.org> | 2007-07-24 22:02:16 +0000 |
| commit | 83aa56c48faf0e726f652730c742a8d0e5034f1d (patch) | |
| tree | 1ae17e28d30b828e125c8d3dbb2e8da741c6a8ee /comms/qsstv | |
| parent | Update to 9.3.4-P1, which fixes the following: (diff) | |
Update to 9.4.1-P1, which has fixes for the following:
1. The default access control lists (acls) are not being
correctly set. If not set anyone can make recursive queries
and/or query the cache contents.
See also:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2925
2. The DNS query id generation is vulnerable to cryptographic
analysis which provides a 1 in 8 chance of guessing the next
query id for 50% of the query ids. This can be used to perform
cache poisoning by an attacker.
This bug only affects outgoing queries, generated by BIND 9 to
answer questions as a resolver, or when it is looking up data
for internal uses, such as when sending NOTIFYs to slave name
servers.
All users are encouraged to upgrade.
See also:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2926
Notes
Notes:
svn path=/head/; revision=196229
Diffstat (limited to 'comms/qsstv')
0 files changed, 0 insertions, 0 deletions