[2826] in SIPB_Linux_Development
4.2 in a BIND catch-22
daemon@ATHENA.MIT.EDU (Aaron M. Ucko)
Thu Nov 11 22:10:18 1999
To: linux-dev@MIT.EDU
From: amu@MIT.EDU (Aaron M. Ucko)
Date: 11 Nov 1999 22:10:01 -0500
People recently discovered several major security holes in BIND, the
software we run as a local caching nameserver. Red Hat's solution to
this is to upgrade to the latest version of BIND 8.2 with various
patches applies. Unfortunately, this version is unable to cope with
class HS, which the Hesiod library originally used. Although this
isn't a huge problem for Red Hat-Athena 5.2, 4.2 loses badly because
it was built with an old version of the Hesiod library which still
uses class HS.
Anyone have suggestions on what to do (other than desupporting 4.2,
which we ought to do soon *anyway*)?
--
Aaron M. Ucko, KB1CJC <amu@mit.edu> (finger amu@monk.mit.edu)