Slashdot Mirror

← Back to Stories (view on slashdot.org)

Another DNS Flaw Found, Patched

Posted by Soulskill on from the come-and-gone dept.

darthcamaro writes "Remember the big DNS flaw that Dan Kaminsky 'discovered' last year? Well, it looks like another flaw in DNS has just been patched. This time it's an item that affects DNSSEC, which was supposed to be the savior for the Kaminsky flaw. The good news, though, is that this time, the issue is relatively minor and DNS has already been patched. 'The flaw is specific to certain usages of DNSSEC,' Joao Damas, senior programming manager of the ISC told InternetNews. 'It is strongly advised that all BIND DNSSEC deployments update in case they are using the particular pattern affected (DSA keys in some cases) and to prevent coming across the problem in the future unexpectedly.'"

2 of 66 comments (clear)

  1. Yeah, um... by Ethanol · · Score: 5, Informative

    That's not a "DNS flaw".

    It's an OpenSSL bug that turned out to affect BIND.

  2. DNS Flaw? by HairyCanary · · Score: 5, Insightful

    "DNS Flaw"? Can we shoot for a bit more accuracy here on Slashdot, since we're all technical enough to understand the details? It's a flaw that affects BIND. And BIND != DNS. I shouldn't have to point that out...