Subject: Re: security/11459: possible fix for remote DoS attack in BIND-8.2.2-P5
To: None <itojun@iijlab.net>
From: Greg A. Woods) <woods@weird.com (Greg A. Woods@planix.com>
List: netbsd-bugs
Date: 11/10/2000 02:27:56
[ On Friday, November 10, 2000 at 15:49:52 (+0900), itojun@iijlab.net wrote: ]
> Subject: Re: security/11459: possible fix for remote DoS attack in BIND-8.2.2-P5
>
> i'm looking at 822P7. 822P7 changes STREAM_AXFRIXFR only. there's no
> code change in ns_xfr.c.
Given that this change alone does not fix the bug then there must be
other changes elsewhere (ns_main.c or ns_req.c most likely). Either
that or they've prematurely released it -- there was no talk about it on
the bind-workers list, and not even a reply to my query about my patch.
There's not even been an announcement of its availability reach my
mailbox yet and yet I see from the FTP site that it's apparently been
available for nearly four hours.
I'll import it to my local repository and do some deeper diffs....
and of course I'll test it too! :-)
--
Greg A. Woods
+1 416 218-0098 VE3TCP <gwoods@acm.org> <robohack!woods>
Planix, Inc. <woods@planix.com>; Secrets of the Weird <woods@weird.com>