[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [SECURITY] [DSA 1605-1] DNS vulnerability impact on the libc stub resolver

* Henrique de Moraes Holschuh:

> 3. Install lwresd from an updated BIND9, install libnss-lwres, and replace
> "dns" with "lwres" in /etc/nsswitch.conf.   Make sure to restart lwres when
> /etc/resolv.conf changes.

lwresd is far less-tested than BIND, and tweaking the NSS configuration
is something few people like to do.

Reply to: