oss-sec mailing list archives
Re: BIND CVE-2009-4022 fix incomplete
From: Josh Bressers <bressers () redhat com>
Date: Wed, 20 Jan 2010 09:00:01 -0500 (EST)
----- "Josh Bressers" <bressers () redhat com> wrote:
Hi Steve, I'm not assigning this one as I'm not sure if you've seen this or not. ISC released an update today for BIND, part of it was that CVE-2009-4022 was not completely fixed: https://www.isc.org/advisories/CVE-2009-4022 If you look down at the bottom of their advisory you can see this: Jan. 19 - Revised Summary, Severity, Description, Workaround, Impact & Solution (earlier fixes incomplete) As best as we can tell, this is why: https://bugzilla.redhat.com/show_bug.cgi?id=554851#c7
As this is holding up a Red Hat erratum, risking a dupe, I've assigned this CVE-2010-0290. Thanks. -- JB
Current thread:
- BIND CVE-2009-4022 fix incomplete Josh Bressers (Jan 19)
- Re: BIND CVE-2009-4022 fix incomplete Josh Bressers (Jan 20)