[29177] in bugtraq
Re: BIND 9.2.2 Vulnerabilities?
daemon@ATHENA.MIT.EDU (David Kennedy CISSP)
Tue Mar 4 16:49:14 2003
Message-Id: <3.0.5.32.20030304162605.07c4e430@pop.fuse.net>
Date: Tue, 04 Mar 2003 16:26:05 -0500
To: John <bugtraq@doomsday.com>, bugtraq@securityfocus.com
From: David Kennedy CISSP <david.kennedy@acm.org>
In-Reply-To: <Pine.LNX.4.44.0303041301300.17731-100000@ns.doomsday.com>
Mime-Version: 1.0
Content-Type: text/enriched; charset="us-ascii"
At 01:04 PM 3/4/03 -0600, John wrote:
Heavily edited from the bind-announce message:
>>>>
<excerpt>To: bind-announce@isc.org
From: Mark_Andrews@isc.org
Subject: BIND 9.2.2 is now available.
Date: Tue, 04 Mar 2003 12:51:37 +1100
List-Id: <<bind-announce.isc.org>
BIND 9.2.2 is now available. This is a maintenance release of BIND
9.2.
It contains no new features.
BIND 9.2.2 can be downloaded from
ftp://ftp.isc.org/isc/bind9/9.2.2/bind-9.2.2.tar.gz
The PGP signature of the distribution is at
ftp://ftp.isc.org/isc/bind9/9.2.2/bind-9.2.2.tar.gz.asc
The signature was generated with the ISC public key, which is
available at <<http://www.isc.org/ISC/isckey.txt>.
A list of changes made since 9.2.0 follows. For earlier changes,
see the file CHANGES in the distribution.
1356. [security] Support patches OpenSSL libraries.
http://www.cert.org/advisories/CA-2002-23.html
1349. [security] Minimum OpenSSL version now 0.9.6e (was 0.9.5a).
http://www.cert.org/advisories/CA-2002-23.html
1318. [bug] libbind: Remote buffer overrun.
</excerpt><<<<<<<<
(many non-security fixes/bug edited out by DMK)
--
Regards,
David Kennedy CISSP /"\
Director of Research Services, \ / ASCII Ribbon Campaign
TruSecure Corp. http://www.trusecure.com X Against HTML Mail
Protect what you connect; / \
Look both ways before crossing the Net.
