Security fix to Bind-9.2.8/Bind-9.3.4
Lubomir Kundrak
lkundrak at redhat.com
Mon Jan 29 08:52:03 UTC 2007
Hi Stephen,
On Pi, 2007-01-26 at 18:20 -0700, Stephen John Smoogen wrote:
> --- 9.3.4 released ---
>
> 2126. [security] Serialise validation of type ANY responses. [RT #16555]
>
> 2124. [security] It was possible to dereference a freed fetch
> context. [RT #16584]
There is a bug open in bugzilla for this update. See #224443 [1].
Unfortunately, there is too little information to find out why is update
2126 a security issue, and why did not ISC issue an advisory for it.
*Sigh* ISC is not good at providing with usable informaation.
[1] https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=224443
Regards,
--
Lubomir Kundrak (Red Hat Security Response Team)
More information about the Fedora-security-list
mailing list