Thursday, July 24, 2008

Errata: 004_bind for 4.3

PuffyThe OpenBSD team has released a new errata for 4.2 (013_bind) and 4.3 (004_bind) to fix a security issue with bind (the name server in OpenBSD).

From the 4.3 errata page:
A vulnerability has been found with BIND. An attacker could use this vulnerability to poison the cache of a recursive resolving name server. (CVE-2008-1447)

I have made binpatches for 4.2 and 4.3 for i386, amd64 and sparc64.