Bug 14828

Summary: Current version of BIND in src/contrib is vulnerable to serveral DOS attacks
Product: Base System Reporter: mike
Component: binAssignee: freebsd-bugs (Nobody) <bugs>
Status: Closed FIXED    
Severity: Affects Only Me    
Priority: Normal    
Version: Unspecified   
Hardware: Any   
OS: Any   
Attachments:
Description Flags
file.diff
none
file.diff
none
file.diff none

Description mike 1999-11-11 21:40:01 UTC 
See CERT Advisory CA-99.14 - Multiple Vulnerabilities in BIND 
or
http://www.isc.org/products/BIND/bind-security-19991108.html

Fix: Upgrade to the latest version

src/contrib/bind needs to be updated

For the port,
marble3# diff -ru files/md5.orig files/md5
and add the following patch

marble3# cat patches/patch-ac
How-To-Repeat: run bind 8.1.x or greater as a port, or use it from src/contrib/bind
Comment 1 cpiazza freebsd_committer freebsd_triage 1999-11-21 18:40:23 UTC 
Responsible Changed
From-To: freebsd-ports->freebsd-bugs

bind8 port was upgraded to 8.2.2p5
Comment 2 nbm freebsd_committer freebsd_triage 1999-12-15 14:38:21 UTC 
State Changed
From-To: open->closed

peter upgraded and MFC'd bind 8.2.2p5 into src/contrib, and the port 
was updated by jseger.