Ernest Park wrote:
*Attention <Security Response Team>:*
Our research shows that your project may be using BIND, and may be
impacted by the vulnerabilities identified below.
Can you please provide a response regarding the impact of the BIND
vulnerabilities on *<Fedora Project>*? If you have a resolution, or feel
that you are using an unaffected version of BIND, please confirm such.
Palamida's Research Group will report this issue within 24hrs. Your
information will be used to update information reported to US-CERT,
NVD and Palamida's data library regarding this vulnerability within
*<Fedora Project>*.
1. What version of BIND is used?
2. What is patch or resolution proposed?
This isn't the right mail id for such questions but refer to
https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00402.html
https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00458.html
These are the current versions of Fedora which have already received
security fixes as updates. The fix was to use address port randomization
as specified in
https://bugzilla.redhat.com/show_bug.cgi?id=449345
Also refer
http://lwn.net/Articles/289206/
Rahul
--
Fedora-websites-list mailing list
Fedora-websites-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-websites-list
