Bind unter FreeBSD ohne Updates?

Xin LI schrieb:
stable/{7,8} and HEAD have the "best known fix" but we are still
waiting for a final one (or decide if the existing solution had solved
the problem completely, ISC is still working on investigation). We
(secteam@) will issue a security advisory once we are sure that the
fix is finalized and yes, all supported branches would be patched at
that time and update would made available through freebsd-update, etc.

At this time it's advisable that users use the BIND version from
ports, or use an alternative (e.g. dns/unbound), if resolving DNS
server functionality is desired; it seems that authoritive-only DNS
servers are NOT affected by the problem as far as we know.

Cheers,
-- Xin LI <delphij@delphij.net> https://www.delphij.net/ FreeBSD - The Power to Serve! Live free or die

das kam auf freebsd-security@ am 18.11 rum.

hth
 
Ich bin vor einem Jahr auf NSD und Unbound umgeschwenkt. Bis jetzt gab es keine Probleme. Allerdings ist NSD by design nicht für DynDNS gedacht. Dafür läuft noch nen BIND als authorative only DNS Server und wird vom Unbound gecached. Ja etwas kompliziert für nen Heimrouter, aber ich hatte keine Lust mehr auf BIND fuck ups.
 
Zurück
Oben