Jeremy Kister on 10 Jul 2008 07:47:09 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] OT: The DNS Patch

On 7/10/2008 9:10 AM, James Barrett wrote:
> Sorry, what specific patch?  The vulnerability was in the standard, so
> there are hopefully as many patches available as there are actively
> developed projects...

the vulnerability lies within the interpretation of the standard.

e.g. dnscache from djbdns remains rather immune.

most of the patches we're seeing (certainly bind) are simply emulating the 
behavior djb was telling everyone was necessary 8 years ago.


Jeremy Kister

Philadelphia Linux Users Group         --
Announcements -
General Discussion  --