d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
a02f92e875
freebsd-dev/contrib/bind9/lib
History
Doug Barton a02f92e875 Update to version 9.3.2-P2, which addresses the vulnerability 
announced by ISC dated 31 October (delivered via e-mail to the
bind-announce@isc.org list on 2 November):

Description:
        Because of OpenSSL's recently announced vulnerabilities
        (CAN-2006-4339, CVE-2006-2937 and CVE-2006-2940) which affect named,
        we are announcing this workaround and releasing patches.  A proof of
        concept attack on OpenSSL has been demonstrated for CAN-2006-4339.

        OpenSSL is required to use DNSSEC with BIND.

Fix for version 9.3.2-P1 and lower:
        Upgrade to BIND 9.3.2-P2, then generate new RSASHA1 and
        RSAMD5 keys for all old keys using the old default exponent
        and perform a key rollover to these new keys.

        These versions also change the default RSA exponent to be
        65537 which is not vulnerable to the attacks described in
        CAN-2006-4339.
2006-11-04 07:53:25 +00:00
..
bind After some discussion with the folks at ISC, it turns out that the _ai_pad 2006-01-04 19:18:43 +00:00
bind9 Vendor import of BIND 9.3.2 2005-12-29 04:22:58 +00:00
dns Update to version 9.3.2-P2, which addresses the vulnerability 2006-11-04 07:53:25 +00:00
isc Vendor import of BIND 9.3.2 2005-12-29 04:22:58 +00:00
isccc Vender import of BIND 9.3.0rc4. 2004-09-19 01:30:24 +00:00
isccfg Vendor import of BIND 9.3.2 2005-12-29 04:22:58 +00:00
lwres Vendor import of BIND 9.3.2 2005-12-29 04:22:58 +00:00
Makefile.in Vender import of BIND 9.3.0rc4. 2004-09-19 01:30:24 +00:00