Hi!
In the light of the recent exim security issues[1,2]
I'm trying to find out if bind 9.18.19, if used as resolver,
does enough validation to shield exim instances from CVE-2023-42119 ?
As details and reproducers for the CVE are not available, this is a
more general question. Pointers on where
On 01. 10. 23 21:10, Björn Persson wrote:
I find that when both inline-signing and update-policy are in use, I
can't detect race conditions with the method described in RFC 2136
section 5.7, which nsdiff uses.
It seems that a serial number specified in a prerequisite of an update
is compared to
On 02. 10. 23 11:06, Kurt Jaeger wrote:
Hi!
In the light of the recent exim security issues[1,2]
I'm trying to find out if bind 9.18.19, if used as resolver,
does enough validation to shield exim instances from CVE-2023-42119 ?
As details and reproducers for the CVE are not available, this is a
Petr Špaček wrote:
> Please open an issue in our Gitlab:
Done:
https://gitlab.isc.org/isc-projects/bind9/-/issues/4352
Björn Persson
pgp3GzBYDpAWV.pgp
Description: OpenPGP digital signatur
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the
I appreciate your email. I thought that was the process but the older version
of the ARM I was using (matches my version) didn't have that nice section. So
I will need to be sure to look in the current document when scratching my head
as someone is making some nice additions and improvements t
I appreciate the feedback. I did make sure the ZSK is omnipresent and the
issue still happens so it might be that my attempt to take the default policy
and bring it down to 1 day to hurry along testing. I will see if I can find
any test policies in the list archives and failing that use the de
6 matches
Mail list logo
