56a78b5211
1. The default access control lists (acls) are not being correctly set. If not set anyone can make recursive queries and/or query the cache contents. See also: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2925 2. The DNS query id generation is vulnerable to cryptographic analysis which provides a 1 in 8 chance of guessing the next query id for 50% of the query ids. This can be used to perform cache poisoning by an attacker. This bug only affects outgoing queries, generated by BIND 9 to answer questions as a resolver, or when it is looking up data for internal uses, such as when sending NOTIFYs to slave name servers. All users are encouraged to upgrade. See also: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2926 Approved by: re (kensmith, implicit)
11 lines
211 B
Plaintext
11 lines
211 B
Plaintext
# $Id: version,v 1.29.134.13.8.2 2007/06/27 02:10:22 marka Exp $
|
|
#
|
|
# This file must follow /bin/sh rules. It is imported directly via
|
|
# configure.
|
|
#
|
|
MAJORVER=9
|
|
MINORVER=4
|
|
PATCHVER=1
|
|
RELEASETYPE=-P
|
|
RELEASEVER=1
|