Tom Lane <tgl <at> redhat.com> writes: > The normal configuration for a stub resolver is that it's only pointed > to locally-controlled caching servers; so long as you've fixed those > servers, you should be safe AFAICS. I'm not so much worried about my own configuration, but that of a random Fedora installation, that may be pointing to caching servers that are not locally controlled (e.g. that of ISP). That CERT VU#800113 talks about patching of stub resolvers: "Stub resolvers that will issue queries in response to attacker behavior, and may receive packets from an attacker, should be patched." So, it's more a general question about glibc and this CVE. -- Bojan -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
