nanog mailing list archives
Re: new bind vuln
From: "Steven M. Bellovin" <smb () research att com>
Date: Wed, 13 Nov 2002 00:06:04 -0500
In message <20021113044904.GA6374 () alcove wittsend com>, "Michael H. Warfield" w rites:
On Tue, Nov 12, 2002 at 06:10:14PM -0500, Gerald wrote:Haven't seen mention of this yet today and DNS affects most everyone in some way. The advisory was released a day early according to FreeBSD security officer.Just to reiterate (I realize, in my haste, I forgot to include a reference or a quote in my earlier message)... Here is a quote from Vixie on Slashdot: ] "ISS and ISC worked together on this. ISS found the ] vulns, ISC worked with the vendors, and both of us ] worked with CERT and coordinated the announcements. ]=20 ] Paul Vixie ] Chairman, ISC" Doesn't sound like "released a day early" to me.
CERT said that the ISS advisory was to be released on 13 November, and
that the patch would be available from ISC next week. There was no
indication about when CERT itself was going to issue an advisory, but
clearly someone said something a day earlier than had been expected.
--Steve Bellovin, http://www.research.att.com/~smb (me)
http://www.wilyhacker.com ("Firewalls" book)
Current thread:
- new bind vuln Gerald (Nov 12)
- Re: new bind vuln Gerald (Nov 12)
- Re: new bind vuln Michael H. Warfield (Nov 12)
- Re: new bind vuln Andrew Brown (Nov 12)
- Re: new bind vuln Michael H. Warfield (Nov 12)
- <Possible follow-ups>
- Re: new bind vuln Steven M. Bellovin (Nov 12)
- Re: new bind vuln Michael H. Warfield (Nov 12)
- Re: new bind vuln Michael H. Warfield (Nov 13)
- Re: new bind vuln Barney Wolff (Nov 12)
- Re: new bind vuln Michael H. Warfield (Nov 13)
- Re: new bind vuln Michael H. Warfield (Nov 12)