d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
d5b7ae9826
freebsd-dev/contrib/bind9/version
Doug Barton a02f92e875 Update to version 9.3.2-P2, which addresses the vulnerability 
announced by ISC dated 31 October (delivered via e-mail to the
bind-announce@isc.org list on 2 November):

Description:
        Because of OpenSSL's recently announced vulnerabilities
        (CAN-2006-4339, CVE-2006-2937 and CVE-2006-2940) which affect named,
        we are announcing this workaround and releasing patches.  A proof of
        concept attack on OpenSSL has been demonstrated for CAN-2006-4339.

        OpenSSL is required to use DNSSEC with BIND.

Fix for version 9.3.2-P1 and lower:
        Upgrade to BIND 9.3.2-P2, then generate new RSASHA1 and
        RSAMD5 keys for all old keys using the old default exponent
        and perform a key rollover to these new keys.

        These versions also change the default RSA exponent to be
        65537 which is not vulnerable to the attacks described in
        CAN-2006-4339.
2006-11-04 07:53:25 +00:00

11 lines
214 B
Plaintext
Raw Blame History

# $Id: version,v 1.26.2.17.2.21.4.2 2006/10/04 07:00:13 marka Exp $
#
# This file must follow /bin/sh rules. It is imported directly via
# configure.
#
MAJORVER=9
MINORVER=3
PATCHVER=2
RELEASETYPE=-P
RELEASEVER=2
Reference in New Issue View Git Blame Copy Permalink