d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
81319550dd
freebsd-dev/contrib/bind9/bin
History
Doug Barton a02f92e875 Update to version 9.3.2-P2, which addresses the vulnerability 
announced by ISC dated 31 October (delivered via e-mail to the
bind-announce@isc.org list on 2 November):

Description:
        Because of OpenSSL's recently announced vulnerabilities
        (CAN-2006-4339, CVE-2006-2937 and CVE-2006-2940) which affect named,
        we are announcing this workaround and releasing patches.  A proof of
        concept attack on OpenSSL has been demonstrated for CAN-2006-4339.

        OpenSSL is required to use DNSSEC with BIND.

Fix for version 9.3.2-P1 and lower:
        Upgrade to BIND 9.3.2-P2, then generate new RSASHA1 and
        RSAMD5 keys for all old keys using the old default exponent
        and perform a key rollover to these new keys.

        These versions also change the default RSA exponent to be
        65537 which is not vulnerable to the attacks described in
        CAN-2006-4339.
2006-11-04 07:53:25 +00:00
..
check Vendor import of BIND 9.3.2 2005-12-29 04:22:58 +00:00
dig Vendor import of BIND 9.3.2 2005-12-29 04:22:58 +00:00
dnssec Remove files from the vendor branch that are no longer present 2006-01-14 02:11:56 +00:00
named Update to version 9.3.2-P2, which addresses the vulnerability 2006-11-04 07:53:25 +00:00
nsupdate Vendor import of BIND 9.3.2 2005-12-29 04:22:58 +00:00
rndc Vendor import of BIND 9.3.2 2005-12-29 04:22:58 +00:00
Makefile.in Vender import of BIND 9.3.0rc4. 2004-09-19 01:30:24 +00:00