On 3/26/13 10:05 AM, Jack Tavares wrote:
I have a request for clarification: The workaround states to rebuild BIND with regexp support disabled. And I see new versions of BIND have been released. Are those versions just a rebuild with regexp support disabled? Or are they a more comprehensive fix?
This question is addressed in the "CVE-2013-2266: FAQ and Supplemental Information" Knowledge Base article, which I encourage everyone to read. https://kb.isc.org/article/AA-00879 Please see specifically the section which begins: "What is the difference between deploying the patched versions of BIND versus implementing the documented workaround?" Thanks, Michael McNally ISC Support _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users