Re: [DSA 1605-1] DNS vulnerability impact on the libc stub resolver
Hi,
Thanks to Florian for this reply.
On Sun, 10 Aug 2008 22:11:05 +0200
Florian Weimer <fw@deneb.enyo.de> wrote:
> The 2.6.24
> kernel available since the last etch point release offers some
> protection as well.
Umm? This is NEW information for me. Could you give me any references?
(certainly if you can disclosure. It is a sensitive issue.)
> Unfortunately, it turns out the GNU libc fix is more difficult than
> initially assumed. However, I didn't know at the time how aggressively
> the stub resolver issue would be pushed, so I opted for the advisory to
> document that the issue is on our radar screen.
Okay, thanks. I'll wait.
And do you know this article?
http://technorati.com/posts/MqY%2Bc19oV42Zc0fXp5GQZC1UJxLVsVOhxhlxAxXB6S8%3D
If it's true, ... it's fear.
----------------------
#OT
BTW, in Japan, there are a lot of wireless Access Point (in Cafe, McDonalds
or so) and many many people (Windows, Mac and a few Linux and *BSD users ;)
use such wireless AP and unpatched name servers provided by dhcpd...
oh no ;(
--
Regards,
Hideki Yamane henrich @ debian.or.jp/iijmio-mail.jp
http://wiki.debian.org/HidekiYamane
Reply to: