d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
freebsd-skq/contrib/bind9/version
dougb ea24299e36 Update to 9.3.4-P1, which fixes the following: 
The DNS query id generation is vulnerable to cryptographic
analysis which provides a 1 in 8 chance of guessing the next
query id for 50% of the query ids. This can be used to perform
cache poisoning by an attacker.

This bug only affects outgoing queries, generated by BIND 9 to
answer questions as a resolver, or when it is looking up data
for internal uses, such as when sending NOTIFYs to slave name
servers.

All users are encouraged to upgrade.

See also:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2926
2007-07-25 08:24:40 +00:00

11 lines
214 B
Plaintext
Raw Blame History

# $Id: version,v 1.26.2.17.2.26.4.2 2007/06/27 02:07:20 marka Exp $
#
# This file must follow /bin/sh rules. It is imported directly via
# configure.
#
MAJORVER=9
MINORVER=3
PATCHVER=4
RELEASETYPE=-P
RELEASEVER=1
Reference in New Issue View Git Blame Copy Permalink