* - Tethys <tet...@gmail.com> [2009-09-16 17:37]: > On Wed, Sep 16, 2009 at 3:39 PM, Henning Brauer <lists-open...@bsws.de> > wrote: > > >> Building from source is light years more difficult than > >> 'apt-get update && apt-get upgrade, or 'yum upgrade' or > >> the like. > > > > so don't fucking do it, use releases and packages. > > So how does one remedy CVE-2009-0696 like that? From the web site: > > 007: RELIABILITY FIX: July 29, 2009 All architectures > > A vulnerability has been found in BIND's named server > (CVE-2009-0696). An attacker could crash a server with a specially > crafted dynamic update message to a zone for which the server is > master. > > A source code patch exists which remedies this problem. > > Sounds like building from source is necessary to me. As does:
boo hoo. run one machine somewhere and make release. done. -- Henning Brauer, h...@bsws.de, henn...@openbsd.org BS Web Services, http://bsws.de Full-Service ISP - Secure Hosting, Mail and DNS Services Dedicated Servers, Rootservers, Application Hosting - Hamburg & Amsterdam