> Any info on whether the newly announced bug can be triggered before > the query ACL is applied on a recursive only server?
The answer is no, to the best of our knowledge at this time, the bug cannot be triggered before the query ACL has been applied. This doesn't help, though, because the query can be a perfectly innocuous one sent by an allowed host. The problem is what was in the cache at the time. > An authoritative only server ought to be safe? Yes. -- Evan Hunt -- e...@isc.org Internet Systems Consortium, Inc. _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
