|
Major fix to DNS Vulnerability Impacts Debian |
|
|
|
Source: Betanews - Posted by Bill Keys
|
A very serious flaw in the Internet's DNS servers may have been ripe for a significant exploit, though a familiar security researcher might have sounded the alarm just in time. Now, Microsoft and Linux vendors are responding urgently.
In what appears to be a coordinated effort to fix a well known, though still potentially critical vulnerability to the Domain Name System (DNS) protocol, patches are being deployed today for both Windows and Linux, by both Microsoft and Debian, respectively. These patches would enable a long suggested protocol for validating the source of DNS requests.
This is definitely an patch that every DNS server should do updates for. Do you think we are going to see DNS servers being attacked in the coming days?
Read this full article at Betanews
Note that while Debian is pushing out patches, the title of the article suggests it is a Debian issue.
This affects all BIND deployments, regardless of distribution (or AFAIK operating system -- BIND is not Linux specific). If you run SuSE or RedHat or anything else, look for patches from your distribution to come down the pipe. Unless you're running BIND 8, in which case you need to upgrade.
Of course maybe a small compliment that someone might think that Debian == Linux |
| Another possible small compliment: | Written by thinkingman on 2008-07-25 09:13:01 |
Debian == Broken OpenSSH keygen
:-/ |
