latent bug in the DNS message processing code that could allow certain
UPDATE requests to crash named.
I'm currently running Bind 9.7.3, which as far as I can tell is the latest
available on the stable squeeze repos. I am curious why 9.7.4 hasn't been
pushed out? The only reason I am concerned is because I am actually being
affected by this bug. Bind actually dies, hundreds of times a day and it's
really annoying. I am going to set up a new copy of bind from source to cover
this bug, but I would like to know why the new version hasn't been rolled out?
It has been months since it's initial release.
Change #2912 (see CHANGES) exposed a latent bug in the DNS message
processing code that could allow certain UPDATE requests to crash named.
[RT #24777] [CVE-2011-2464]
BIND 9.7.4 Released on 01 Aug 2011
> --
> Chris Brennan
> A: Yes.
> >Q: Are you sure?
> >>A: Because it reverses the logical flow of conversation.
> >>>Q: Why is top posting frowned upon?
> http://xkcd.com/84/ | http://xkcd.com/149/ | http://xkcd.com/549/
> GPG: D5B20C0C (6741 8EE4 6C7D 11FB 8DA8 9E4A EECD 9A84 D5B2 0C0C)
------------------------------------------------------------------------