On Tue, Feb 16, 2016 at 04:32:00PM +0100, Peter Ludikovsky wrote: > A question to those more knowledgeable: we're using our own DNS > servers for all lookups, and those do recursive lookup for any > external addresses. Am I right to assume that Bind9 uses it's own > implementation for DNS lookups? Or are those now basically ticking > time bombs?
Bind does not use getaddrinfo() when performing DNS lookups on behalf of clients. However, it may use it when resolving hostnames listed in configfiles, e.g. in the masters list for a slave zone. If at all possible, I would update libc and restart named, which should be sufficient to protect that particular service from impact. noah
signature.asc
Description: Digital signature