[dns-operations] BIND Security Advisory May 2011: Large RRSIG RRsets and Negative Caching can crash named
Stephane Bortzmeyer
bortzmeyer at nic.fr
Fri May 27 07:33:26 UTC 2011
On Fri, May 27, 2011 at 12:26:54AM -0700,
SM <sm at resistor.net> wrote
a message of 39 lines which said:
> http://test.federalreserve.gov also triggered the bug.
But no longer (federalreserve.gov is unsigned).
> As it is be possible to trigger this bug through the "web", it would
> be advisable to upgrade before people roll out the denial of
> service.
I don't know how the bug was handled but I did not see yet an announce
by a "vendor" about an updated package. So, currently, only the people
who installed BIND manually can upgrade.
More information about the dns-operations
mailing list