ISC BIND 9.6.1-P3 is now available
David Coulthart
davec at columbia.edu
Wed Jan 20 14:16:15 UTC 2010
On Jan 19, 2010, at 12:28 PM, Evan Hunt wrote:
> BIND 9.6.1-P3 is a SECURITY PATCH for BIND 9.6.1. It addresses two
> potential cache poisoning vulnerabilities, both of which could allow
> a validating recursive nameserver to cache data which had not been
> authenticated or was invalid.
Do these vulnerabilities only apply to recursive name servers that
have DNSSEC trusted keys or lookaside keys configured? Or do they
also apply if the server has dnssec-enable & dnssec-validation enabled
(as by default on 9.6.x) but no trusted keys or lookaside keys
configured?
Thanks,
Dave Coulthart
More information about the bind-users
mailing list