Source code changes in BIND 8.2.2 patch 5 vs. 8.2

Jim Reid jim at rfc1035.com
Thu Jun 8 22:02:18 UTC 2000


>>>>> "Dan" == McNair, Dan <DMcNair at dgexchange.dg.com> writes:

    Dan> Hi.  Can anyone on the BIND team at ISC or otherwise help me
    Dan> figure out what source code has changed between BIND 8.2 and
    Dan> BIND 8.2.2 patch 5?

For an overview, consult the file CHANGES at the top of the source
tree. If you want line by line changes, diff the files. Assuming you
have both versions of course.

    Dan> Specifically, I need to know where the
    Dan> following CERT advisories have been addressed:

    Dan> -CERT Advisory CA-99-14 Multiple Vulnerabilities in BIND
    Dan> -AL-1999.004.dns_dos

    Dan> Have they been addressed solely in the applications/commands
    Dan> (named, nslookup, named-xfer, etc)?  Or, have the libraries
    Dan> (resolver libs, nameserver libs) been changed as well?

IIRC these advisories only affect the name server. The ISC web site
has a detailed list of what holes are plugged by the current BIND8
release. See http://www.isc.org. There's a link to this info on the
ISC's home page.

I also understand that there are no known security vulnerabilities in
the current version of BIND, 8.2.2P5.



More information about the bind-users mailing list