On Tuesday 08 of July 2008, Florian Weimer wrote:
> * Mert Dirik:
> >> PowerDNS is not available on all architectures, and Unbound and tinydns
> >> are not part of etch.
> >>
> >> So it's lack of alternatives, more or less.
> >
> > I don't really know much about these things but can't maradns
>
> M
Hello,
The Debian advisory does not mention the status of "pdnsd" w.r.t the
DNS cache poisoning problem. A quick check seems to suggest that
"pdnsd" also randomises the source port while sending out a query.
Could the maintainer of "pdnsd" please confirm this? I do not want to
file a pointless bu
Am Dienstag, 8. Juli 2008 19:05 schrieb Florian Weimer:
> […]
> At this time, it is not possible to implement the recommended
> countermeasures in the GNU libc stub resolver.
Hello,
I don’t have bind9 installed. Am I affected by the libc stub resolver bug?
> The following workarounds are avail
On Wed, Jul 09, 2008 at 09:44:21AM +, Kapil Hari Paranjape wrote:
> Hello,
>
> The Debian advisory does not mention the status of "pdnsd" w.r.t the
> DNS cache poisoning problem. A quick check seems to suggest that
> "pdnsd" also randomises the source port while sending out a query.
>
> Could
On Tue, 08 Jul 2008 19:50:44 +0200
Florian Weimer <[EMAIL PROTECTED]> wrote:
> PowerDNS is not available on all architectures, and Unbound and tinydns
> are not part of etch.
How about making page about this issue in wiki.debian.org?
I'm so confused to a flood of information about this issue...
Ich werde ab 09.07.2008 nicht im Büro sein. Ich kehre zurück am
14.07.2008.
Ich werde Ihre Nachricht nach meiner Rückkehr beantworten. In dringenden
Fällen wenden Sie sich bitte an [EMAIL PROTECTED],
[EMAIL PROTECTED] oder [EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a
* Pierre Habouzit:
> And the code matches the documentation. And yes a new socket is used for each
> request if that matters.
But it seems to use a weak PRNG (random from libc).
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
On Wed, Jul 09, 2008 at 06:10:51PM +0200, Wolfgang Jeltsch wrote:
> > At this time, it is not possible to implement the recommended
> > countermeasures in the GNU libc stub resolver.
>
> I don???t have bind9 installed. Am I affected by the libc stub resolver bug?
Yes. I suggest that you install
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Steve Kemp wrote:
> For the unstable distribution (sid), this problem has been fixed in
> version 0.8.0-1.
Unstable has now version 0.8.4, how it can be?
(please CC me in replies)
- --
Eugene V. Lyubimkin aka JackYF, Ukrainian C++ developer.
-BEGI
Hi Eugene,
* Eugene V. Lyubimkin <[EMAIL PROTECTED]> [2008-07-09 21:44]:
> Steve Kemp wrote:
> > For the unstable distribution (sid), this problem has been fixed in
> > version 0.8.0-1.
> Unstable has now version 0.8.4, how it can be?
>
> (please CC me in replies)
See the changelog of poppler in
Am Mittwoch, 9. Juli 2008 20:51 schrieb Noah Meyerhans:
> On Wed, Jul 09, 2008 at 06:10:51PM +0200, Wolfgang Jeltsch wrote:
> > > At this time, it is not possible to implement the recommended
> > > countermeasures in the GNU libc stub resolver.
> >
> > I don’t have bind9 installed. Am I affected b
Quoting Wolfgang Jeltsch ([EMAIL PROTECTED]):
> Am Mittwoch, 9. Juli 2008 20:51 schrieb Noah Meyerhans:
>
> > > I suggest that you install bind9,
>
> How do I tell bind9 what DNS servers to ask? Is this also done by
> resolv.conf? If yes, named would ask itself if 127.0.0.1 is the first entry.
Am Mittwoch, 9. Juli 2008 22:39 schrieb Rick Moen:
> Quoting Wolfgang Jeltsch ([EMAIL PROTECTED]):
> > Am Mittwoch, 9. Juli 2008 20:51 schrieb Noah Meyerhans:
> > > > I suggest that you install bind9,
> […]
> > > > configure it to only listen on 127.0.0.1,
> >
> > How do I do this? dpkg-reconfigu
* Wolfgang Jeltsch <[EMAIL PROTECTED]> [2008-07-09 13:31-0400]:
> > > configure it to only listen on 127.0.0.1,
>
> How do I do this? dpkg-reconfigure doesn’t help.
I think the bind9 package comes configured this way by default in
Debian (a caching-only local nameserver).
Micah
--
To UNSUBSCR
On Tue, 8 Jul 2008 22:43:54 -0300 Henrique de Moraes Holschuh
<[EMAIL PROTECTED]> wrote:
> On Tue, 08 Jul 2008, Florian Weimer wrote:
> > 1. Install a local BIND 9 resoler on the host, possibly in
> > forward-only mode. BIND 9 will then use source port randomization
> > when sending queries over
Quoting Hubert Chathi ([EMAIL PROTECTED]):
> Hmm... libnss-lwres is orphaned (#475089), and is uninstallable on sid.
I'll bet the version of the missing dependency package (liblwres30) in
lenny would suffice.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Troubl
Micah Anderson <[EMAIL PROTECTED]>:
> * Wolfgang Jeltsch <[EMAIL PROTECTED]> [2008-07-09 13:31-0400]:
> > > > configure it to only listen on 127.0.0.1,
> >
> > How do I do this? dpkg-reconfigure doesn?t help.
>
> I think the bind9 package comes configured this way by default in
> Debian (a cac
* s. keeling <[EMAIL PROTECTED]> [2008-07-09 17:31-0400]:
> Micah Anderson <[EMAIL PROTECTED]>:
> > * Wolfgang Jeltsch <[EMAIL PROTECTED]> [2008-07-09 13:31-0400]:
> > > > > configure it to only listen on 127.0.0.1,
> > >
> > > How do I do this? dpkg-reconfigure doesn?t help.
> >
> > I think th
Incoming from Micah Anderson:
> * s. keeling <[EMAIL PROTECTED]> [2008-07-09 17:31-0400]:
> > Micah Anderson <[EMAIL PROTECTED]>:
> > > * Wolfgang Jeltsch <[EMAIL PROTECTED]> [2008-07-09 13:31-0400]:
> > > > > > configure it to only listen on 127.0.0.1,
> > > >
> > > > How do I do this? dpkg-reco
On Wed, 9 Jul 2008 15:45:12 -0700 Rick Moen <[EMAIL PROTECTED]> wrote:
> Quoting Hubert Chathi ([EMAIL PROTECTED]):
>
> > Hmm... libnss-lwres is orphaned (#475089), and is uninstallable on
> > sid.
>
> I'll bet the version of the missing dependency package (liblwres30) in
> lenny would suffice.
20 matches
Mail list logo
