ISC BIND 9.6.1-P3 is now available
Chris Thompson
cet1 at cam.ac.uk
Tue Jan 19 21:15:11 UTC 2010
These announcements for BIND 9.4.3-P5, 9.5.1-P2 and 9.6.1-P3 say
>BIND 9.x.x-Px is a SECURITY PATCH for BIND 9.x.x. It addresses two
>potential cache poisoning vulnerabilities, both of which could allow
>a validating recursive nameserver to cache data which had not been
>authenticated or was invalid.
But the CHANGES files list *three* security fixes (2827, 2828 & 2831),
none of which seem to be superficially the "same" vulnerability. So is
the "two" above a mistake?
--
Chris Thompson
Email: cet1 at cam.ac.uk
More information about the bind-users
mailing list