oss-sec mailing list archives

Re: DNS vulnerability: other relevant software

From: The Fungi <fungi () yuggoth org>
Date: Wed, 9 Jul 2008 12:53:55 +0000

On Wed, Jul 09, 2008 at 02:07:01PM +0200, Matthias Geerdsen wrote:

looking at some of the DNS related software in our tree, I thought
it might be nice to keep track of any findings of affected and
unaffected packages...

[...]

Additionally, Debian has noted (DSA 1605-1) that the GNU libc stub
resolver could benefit from random query source ports as well, but
no patches are currently available to implement this:

http://www.debian.org/security/2008/dsa-1605

-- 
{ IRL(Jeremy_Stanley); PGP(9E8DFF2E4F5995F8FEADDC5829ABF7441FB84657);
SMTP(fungi () yuggoth org); IRC(fungi () irc yuggoth org#ccl); ICQ(114362511);
AIM(dreadazathoth); YAHOO(crawlingchaoslabs); FINGER(fungi () yuggoth org);
MUD(fungi () katarsis mudpy org:6669); WWW(http://fungi.yuggoth.org/); }

Current thread:

DNS vulnerability: other relevant software Matthias Geerdsen (Jul 09)
- Re: DNS vulnerability: other relevant software The Fungi (Jul 09)
  - Re: DNS vulnerability: other relevant software Mark J Cox (Jul 09)
    - Re: DNS vulnerability: other relevant software Florian Weimer (Jul 09)
    - Re: DNS vulnerability: other relevant software Eugene Teo (Jul 09)
    - Re: DNS vulnerability: other relevant software Eugene Teo (Jul 09)
    - Re: DNS vulnerability: other relevant software Eugene Teo (Jul 10)
    - Re: DNS vulnerability: other relevant software Nathanael Hoyle (Jul 10)
    - Re: DNS vulnerability: other relevant software Bernhard R. Link (Jul 11)
    - Re: DNS vulnerability: other relevant software Nathanael Hoyle (Jul 11)
    - Re: DNS vulnerability: other relevant software Florian Weimer (Jul 13)
    - Re: DNS vulnerability: other relevant software Florian Weimer (Jul 12)

(Thread continues...)