Bug 105036 - domain hijacking prevention fix of ISC
domain hijacking prevention fix of ISC
Product: Red Hat Linux
Classification: Retired
Component: bind (Show other bugs)
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Daniel Walsh
: FutureFeature
Depends On:
  Show dependency treegraph
Reported: 2003-09-24 16:30 EDT by Hugo van der Kooij
Modified: 2007-04-18 12:57 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2003-09-25 09:05:48 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Hugo van der Kooij 2003-09-24 16:30:16 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; nl-NL; rv:1.4) Gecko/20030906

Description of problem:
ISC security fix for Veri$ign domain hijacking needs to be implemented in
standard available versions of bind.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
Fix not implemented in currrent version.

Tried to add:

options {
     root-delegation-only exclude { "cc"; "de"; "lv"; "museum"; "org"; "us"; };

Actual Results:  jfsdklglkfsdjglkfjsdlgsdf.com still pointed to Veri$ign hijacking.

Expected Results:  host not found
Comment 1 Hugo van der Kooij 2003-09-24 16:35:19 EDT
Sep 24 22:34:36 gandalf named[13434]: loading configuration from '/etc/named.conf'
Sep 24 22:34:37 gandalf named[13434]: /etc/named.conf:23: unknown option
Sep 24 22:34:37 gandalf named[13434]: loading configuration: failure
Sep 24 22:34:37 gandalf named[13434]: exiting (due to fatal error)
Comment 2 Daniel Walsh 2003-09-25 09:05:48 EDT
root-delegation-only is only in the beta kit for 9.2.3-rc4.  We will update to
this package when it is released.

Comment 3 Bishop Clark 2004-02-29 08:24:32 EST


It's no longer beta, if I'm reading this right.

Where's the promised update?  Anything in the works?  The 923 I'm
seeing suggests it's been out for 3 months.  Can we reopen this bug
yet?  8-)

Note You need to log in before you can comment on or make changes to this bug.