[Pdns-announce] Statement on the recent DNS vulnerability & impact on PowerDNS (none)
bert hubert
bert.hubert at netherlabs.nl
Wed Jul 9 18:16:19 UTC 2008
Hi everybody,
We're being approached from various angles about PowerDNS and the recently
discovered DNS vulnerability (http://www.kb.cert.org/vuls/id/800113 )
To clear up any possible confusion, I'd like to state that since 2006,
PowerDNS has not been vulnerable for the issue reported in CVE-2008-1447, to
the extent that this is possible.
In fact, we've been warning the DNS community against these kinds of
problems since around that time - see
http://tools.ietf.org/html/draft-ietf-dnsext-forgery-resilience-05
If you have any further questions, please do not hesitate to contact me,
on-list or off.
Kind regards,
Bert Hubert
PowerDNS.COM BV
--
http://www.PowerDNS.com Open source, database driven DNS Software
http://netherlabs.nl Open and Closed source services
More information about the Pdns-announce
mailing list