Re: [SECURITY] [DSA 1605-1] DNS vulnerability impact on the libc stub resolver
Debian Security Team wrote:
At this time, it is not possible to implement the recommended
countermeasures in the GNU libc stub resolver. The following
workarounds are available:
1. Install a local BIND 9 resolver on the host, possibly in
Uh .. is there any documentation on how to do that ? Although I run a
BIND 9 nameserver I don't know how to extract the BIND 9 resolver from
such a system (for use on other systems) - and there doesn't seem to be
any actual stand-alone package for such a thing.
Also, which Debian systems would otherwise use the libc stub resolver ?
All systems which *don't* have BIND installed ?
Leave the Olympics in Greece, where they belong.