Red Hat Bugzilla – Bug 104480
VeriSign added a wildcard A record to the .COM and .NET TLD DNS zones.
Last modified: 2007-03-27 00:09:47 EDT
PLEASE patch BIND to put a stop to this horriable tragity that just accoured. Reference URL: http://slashdot.org/articles/03/09/16/0034210.shtml?tid=126&tid=95&tid=98&tid=99 Summery: Verisign put in a top level wildcard on .com and .net domains. This is so any missspelled domain goes to there search engine, where they profit from it. They did this even though a person was just convited of registering thousands of misspelled domains to trick users onto po*rn sites. This will also break many spam filters, like spammassign.
Closing as a dup of Bug #104569, since that one actually has the patch *** This bug has been marked as a duplicate of 104569 ***
I agree. While technically not a bug, this fix is required for security features in other products to function properly; eg, Sendmail and Postfix. Plus, having the fix available on RedHat would encourage wide adoption, which in turn would nullify the effects of VeriSign's "hijacking" of the purposes and RFC functions of the root servers. The second BIND patch for this issue has been released. I can understand if you want to wait a day or two for the dust to settle (the first patch has minor issues), but at least make some sort of announcement that a new RPM will be forthcoming.
Changed to 'CLOSED' state since 'RESOLVED' has been deprecated.