Hi Stephen, On Pi, 2007-01-26 at 18:20 -0700, Stephen John Smoogen wrote: > --- 9.3.4 released --- > > 2126. [security] Serialise validation of type ANY responses. [RT #16555] > > 2124. [security] It was possible to dereference a freed fetch > context. [RT #16584] There is a bug open in bugzilla for this update. See #224443 [1]. Unfortunately, there is too little information to find out why is update 2126 a security issue, and why did not ISC issue an advisory for it. *Sigh* ISC is not good at providing with usable informaation. [1] https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=224443 Regards, -- Lubomir Kundrak (Red Hat Security Response Team) -- Fedora-security-list mailing list Fedora-security-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-security-list
