Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Wed, 20 Jan 2010 09:00:01 -0500 (EST)
From: Josh Bressers <bressers@...hat.com>
To: oss-security@...ts.openwall.com
Cc: coley <coley@...re.org>
Subject: Re: BIND CVE-2009-4022 fix incomplete


----- "Josh Bressers" <bressers@...hat.com> wrote:

> Hi Steve,
> 
> I'm not assigning this one as I'm not sure if you've seen this or
> not.
> 
> ISC released an update today for BIND, part of it was that
> CVE-2009-4022
> was not completely fixed:
> https://www.isc.org/advisories/CVE-2009-4022
> 
> If you look down at the bottom of their advisory you can see this:
>     Jan. 19 - Revised Summary, Severity, Description, Workaround,
> Impact &
>     Solution (earlier fixes incomplete) 
> 
> As best as we can tell, this is why:
> https://bugzilla.redhat.com/show_bug.cgi?id=554851#c7
> 

As this is holding up a Red Hat erratum, risking a dupe, I've
assigned this CVE-2010-0290.

Thanks.

-- 
    JB

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.