diff options
| author | dougb <dougb@FreeBSD.org> | 2007-07-25 08:12:36 +0000 |
|---|---|---|
| committer | dougb <dougb@FreeBSD.org> | 2007-07-25 08:12:36 +0000 |
| commit | e9f5980a15892cbb50c32cfaab95f2dcb23cebcd (patch) | |
| tree | 5e59e5d349bab1b1962e57d794d1ceb729fa3150 /contrib/bind9/version | |
| parent | 7fe38836a11b0c3827d4e4c79c7d24ddf4534957 (diff) | |
| download | FreeBSD-src-e9f5980a15892cbb50c32cfaab95f2dcb23cebcd.zip FreeBSD-src-e9f5980a15892cbb50c32cfaab95f2dcb23cebcd.tar.gz | |
Vendor import of 9.4.1-P1, which has fixes for the following:
1. The default access control lists (acls) are not being
correctly set. If not set anyone can make recursive queries
and/or query the cache contents.
See also:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2925
2. The DNS query id generation is vulnerable to cryptographic
analysis which provides a 1 in 8 chance of guessing the next
query id for 50% of the query ids. This can be used to perform
cache poisoning by an attacker.
This bug only affects outgoing queries, generated by BIND 9 to
answer questions as a resolver, or when it is looking up data
for internal uses, such as when sending NOTIFYs to slave name
servers.
All users are encouraged to upgrade.
See also:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2926
Approved by: re (kensmith, implicit)
Diffstat (limited to 'contrib/bind9/version')
| -rw-r--r-- | contrib/bind9/version | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/contrib/bind9/version b/contrib/bind9/version index 868b69f..da1d9cc 100644 --- a/contrib/bind9/version +++ b/contrib/bind9/version @@ -1,4 +1,4 @@ -# $Id: version,v 1.29.134.13.8.1 2007/04/30 01:11:30 marka Exp $ +# $Id: version,v 1.29.134.13.8.2 2007/06/27 02:10:22 marka Exp $ # # This file must follow /bin/sh rules. It is imported directly via # configure. @@ -6,5 +6,5 @@ MAJORVER=9 MINORVER=4 PATCHVER=1 -RELEASETYPE= -RELEASEVER= +RELEASETYPE=-P +RELEASEVER=1 |
