On 07/08/15 18:29, Mark Felder:
IV. Workaround
No workaround is available, but hosts not running named(8) are not
vulnerable.
Why is no workaround available? Can't you just disable DNSSEC
validation?
dnssec-enable no;
dnssec-validation no;
Well, it depend ...
If someone is running DNSSEC validation, then turning it off is no solution.
You may claim either "turn off named" or "power off the computer" to be
available workaround ...
Just my $0.02
Dan
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscr...@freebsd.org"
