Source code changes in BIND 8.2.2 patch 5 vs. 8.2
Jim Reid
jim at rfc1035.com
Thu Jun 8 22:02:18 UTC 2000
>>>>> "Dan" == McNair, Dan <DMcNair at dgexchange.dg.com> writes:
Dan> Hi. Can anyone on the BIND team at ISC or otherwise help me
Dan> figure out what source code has changed between BIND 8.2 and
Dan> BIND 8.2.2 patch 5?
For an overview, consult the file CHANGES at the top of the source
tree. If you want line by line changes, diff the files. Assuming you
have both versions of course.
Dan> Specifically, I need to know where the
Dan> following CERT advisories have been addressed:
Dan> -CERT Advisory CA-99-14 Multiple Vulnerabilities in BIND
Dan> -AL-1999.004.dns_dos
Dan> Have they been addressed solely in the applications/commands
Dan> (named, nslookup, named-xfer, etc)? Or, have the libraries
Dan> (resolver libs, nameserver libs) been changed as well?
IIRC these advisories only affect the name server. The ISC web site
has a detailed list of what holes are plugged by the current BIND8
release. See http://www.isc.org. There's a link to this info on the
ISC's home page.
I also understand that there are no known security vulnerabilities in
the current version of BIND, 8.2.2P5.
More information about the bind-users
mailing list