oss-security - Re: DNS vulnerability: other relevant software

Follow @Openwall on Twitter for new release announcements and other news

[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]

Message-ID: <20080709125354.GF23625@yuggoth.org>
Date: Wed, 9 Jul 2008 12:53:55 +0000
From: The Fungi <fungi@...goth.org>
To: oss-security@...ts.openwall.com
Subject: Re: DNS vulnerability: other relevant software

On Wed, Jul 09, 2008 at 02:07:01PM +0200, Matthias Geerdsen wrote:
> looking at some of the DNS related software in our tree, I thought
> it might be nice to keep track of any findings of affected and
> unaffected packages...
[...]

Additionally, Debian has noted (DSA 1605-1) that the GNU libc stub
resolver could benefit from random query source ports as well, but
no patches are currently available to implement this:

http://www.debian.org/security/2008/dsa-1605

-- 
{ IRL(Jeremy_Stanley); PGP(9E8DFF2E4F5995F8FEADDC5829ABF7441FB84657);
SMTP(fungi@...goth.org); IRC(fungi@....yuggoth.org#ccl); ICQ(114362511);
AIM(dreadazathoth); YAHOO(crawlingchaoslabs); FINGER(fungi@...goth.org);
MUD(fungi@...arsis.mudpy.org:6669); WWW(http://fungi.yuggoth.org/); }

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.