Date: Thu, 17 Nov 2011 10:13:41 -0700 From: Vincent Danen <vdanen@...hat.com> To: oss-security@...ts.openwall.com Subject: Re: CVE-2011-4313: BIND 9 Resolver crashes after logging an error in query.c * [2011-11-17 02:40:28 +0000] The Fungi wrote: >On 2011-11-16 23:43:25 +0400 (+0400), Solar Designer wrote: >[...] >> Does anyone readily know if BIND 9.3.x is affected as well? >[...] > >While obviously not conclusive, I can say that our 9.3.4-P1.2 >resolvers were not impacted and ran clean through while our 9.5.1-P3 >and 9.6-ESV-R4 resolvers crashed and had to be restarted several >times overnight. Our bind maintainer believes that 9.3.6 is affected (but possibly harder to exploit or via a different vector). However, he does not believe that 9.2.x and earlier are affected due to the old DNSSEC implementation (so 9.2.x wouldn't understand current DNSSEC signatures so would not cache them). Some further details can be found in our bug: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-4313 -- Vincent Danen / Red Hat Security Response Team
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.