=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/errata38.html,v retrieving revision 1.11 retrieving revision 1.12 diff -c -r1.11 -r1.12 *** www/errata38.html 2006/09/02 23:58:06 1.11 --- www/errata38.html 2006/09/08 20:35:11 1.12 *************** *** 75,80 **** --- 75,96 ----

+ 015: SECURITY FIX: September 8, 2006 All architectures
+ Two Denial of Service issues have been found with BIND. + An attacker who can perform recursive lookups on a DNS server and is able + to send a sufficiently large number of recursive queries, or is able to + get the DNS server to return more than one SIG(covered) RRsets can stop + the functionality of the DNS service. + An attacker querying an authoritative DNS server serving a RFC 2535 + DNSSEC zone may be able to crash the DNS server. + CVE-2006-4095 + CVE-2006-4096 +
+ + A source code patch exists which remedies this problem.
+
+
014: SECURITY FIX: September 2, 2006 All architectures
Due to the failure to correctly validate LCP configuration option lengths, *************** *** 269,275 ****
www@openbsd.org !
$OpenBSD: errata38.html,v 1.11 2006/09/02 23:58:06 brad Exp $ --- 285,291 ----
www@openbsd.org !
$OpenBSD: errata38.html,v 1.12 2006/09/08 20:35:11 brad Exp $