On Wed, Sep 06, 2006 at 07:33:34PM +0200, Patrik Wallstrom wrote: > On Wed, 06 Sep 2006, Micah Anderson wrote: > > Does this patch work with just plain ole 'bind' (not bind9)? That > > package also seems vulnerable... > No, there are separate packages för BIND 8. (All BIND users should > upgrade to version 9 anyway.) > All new versions are published at isc.org.
And neither CVE-2006-4095 nor CVE-2006-4096 affect BIND 8, according to the CERT advisory. lamont
