Re: [DSA 1605-1] DNS vulnerability impact on the libc stub resolver
Thanks to Florian for this reply.
On Sun, 10 Aug 2008 22:11:05 +0200
Florian Weimer <email@example.com> wrote:
> The 2.6.24
> kernel available since the last etch point release offers some
> protection as well.
Umm? This is NEW information for me. Could you give me any references?
(certainly if you can disclosure. It is a sensitive issue.)
> Unfortunately, it turns out the GNU libc fix is more difficult than
> initially assumed. However, I didn't know at the time how aggressively
> the stub resolver issue would be pushed, so I opted for the advisory to
> document that the issue is on our radar screen.
Okay, thanks. I'll wait.
And do you know this article?
If it's true, ... it's fear.
BTW, in Japan, there are a lot of wireless Access Point (in Cafe, McDonalds
or so) and many many people (Windows, Mac and a few Linux and *BSD users ;)
use such wireless AP and unpatched name servers provided by dhcpd...
oh no ;(
Hideki Yamane henrich @ debian.or.jp/iijmio-mail.jp