Hi,
just read [1] and wondered if there will be an official update by pat
soon or if I should recompile bind on my own.

What do you think?

Regards
Chris

[1] http://www.kb.cert.org/vuls/id/800113

On Wed, 9 Jul 2008, Christian "Xtra" Schiffler wrote:

>
> Hi,
> just read [1] and wondered if there will be an official update by pat soon or
> if I should recompile bind on my own.
>
> What do you think?

If you use a busy server, d/l the source to 9.5.1.b1
the fix in 9.5.0-p1 has serious performance impacts at around 10K
queries p/sec as it was a rushed patch, but that is corected in 9.5.1
beta, I've been using the beta in production for over 24 hours without
any issues nor any noticable performance issues.


--
Cheers
Res
--- Usenet policy, and why I might ignore you ---
1/ GoogleGroups are UDP'd on my nntp server. If you use them, don't
waste your time or energy replying to me.

2/ If only cleanfeed filtered out trolls as well as spam, usenet would be
a nicer place.

Thu, 10 Jul 2008 08:54:45 +1000, Res did catÂ*:

> On Wed, 9 Jul 2008, Christian "Xtra" Schiffler wrote:
>
>
>> Hi,
>> just read [1] and wondered if there will be an official update by pat
>> soon or if I should recompile bind on my own.
>>
>> What do you think?
>
> If you use a busy server, d/l the source to 9.5.1.b1 the fix in 9.5.0-p1
> has serious performance impacts at around 10K queries p/sec as it was a
> rushed patch, but that is corected in 9.5.1 beta, I've been using the
> beta in production for over 24 hours without any issues nor any
> noticable performance issues.

Besides, at the moment I'm slowly hesitating between 2 theories about
the actual running show, one would be simple propaganda for some big
company (I won't give names as it already shows...),
the second one is a bit more sad and gloomy as I have a feeling it's
not simple propaganda but the preparatives of a huge FUD assault which
will close the open internet and start the era of the proprietary networks.

--
Oh shit I've just found out a hidden flaw in the values
for the bits, some zeroes can be busted and they'll come out as ones!
Yiiiiik! Time to go for Boolean 3.0!

Hallo, Christian,

Du meintest am 09.07.08:

> just read [1] and wondered if there will be an official update by pat
> soon or if I should recompile bind on my own.

> What do you think?

What about "dnsmasq"?
Simon Kelley offers a new version:

http://www.thekelleys.org.uk/dnsmasq...2.43rc4.tar.gz

and I have compiled it into a slackware tarball:

http://arktur.shuttle.de/CD/5.0/Patc...-i486-1hln.tgz

Works with Slackware 11.0 and Slackware-current.

Viele Gruesse
Helmut

"Ubuntu" - an African word, meaning "Slackware is too hard for me".

Christian Schiffler wrote :

> What do you think?

There's a new bind out for Slackware now, and Firefox 2.0.0.15 is there
too.
--
Thomas O.

This area is designed to become quite warm during normal operation.

On Thu, 10 Jul 2008, Loki Harfagr wrote:

> Besides, at the moment I'm slowly hesitating between 2 theories about
> the actual running show, one would be simple propaganda for some big
> company (I won't give names as it already shows...),
> the second one is a bit more sad and gloomy as I have a feeling it's
> not simple propaganda but the preparatives of a huge FUD assault which
> will close the open internet and start the era of the proprietary networks.

Oh, I'm sure as hell most of it is FUD, "exploit tools are out there" so
the kiddies have them, and even as of 15 minutes ago (2 days later),
testing some well known ISP's DNS servers around the world, they still
"fail" the simple test ( dig +short porttest.dns-oarc.net TXT ) and
bugger me... the Internet is still working :)



--
Cheers
Res
--- Usenet policy, and why I might ignore you ---
1/ GoogleGroups are UDP'd on my nntp server. If you use them, don't
waste your time or energy replying to me.

2/ If only cleanfeed filtered out trolls as well as spam, usenet would be
a nicer place.