hello
Une security update ce soir. Je cherche à savoir ce qui a été corrigé...
Impossible de savoir.
<http://support.apple.com/downloads/Security_Update_2009_004__Leopard_>
"Security Update 2009-004 is recommended for all users and improves the
security of Mac OS X." Vous n'en saurez pas plus !!!
hello
Une security update ce soir. Je cherche à savoir ce qui a été corrigé...
Impossible de savoir.
<http://support.apple.com/downloads/Security_Update_2009_004__Leopard_>
"Security Update 2009-004 is recommended for all users and improves the
security of Mac OS X." Vous n'en saurez pas plus !!!
hello
Une security update ce soir. Je cherche à savoir ce qui a été corrigé...
Impossible de savoir.
<http://support.apple.com/downloads/Security_Update_2009_004__Leopard_>
"Security Update 2009-004 is recommended for all users and improves the
security of Mac OS X." Vous n'en saurez pas plus !!!
In article <1j4d29i.1umrpmgilfydwN%,
(Fra) wrote:hello
Une security update ce soir. Je cherche à savoir ce qui a été corrigé...
Impossible de savoir.
<http://support.apple.com/downloads/Security_Update_2009_004__Leopard_>
"Security Update 2009-004 is recommended for all users and improves the
security of Mac OS X." Vous n'en saurez pas plus !!!
ben si...
APPLE-SA-2009-08-12-1 Security Update 2009-004
Security Update 2009-004 is now available and addresses the
following:
BIND
CVE-ID: CVE-2009-0696
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11,
Mac OS X v10.5.8, Mac OS X Server v10.5.8
Impact: A remote attacker may be able to cause the DNS server to
unexpectedly terminate
Description: A logic issue in the handling of dynamic DNS update
messages may cause an assertion to be triggered. By sending a
maliciously crafted update message to the BIND DNS server, a remote
attacker may be able to interrupt the BIND service. The issue affects
servers which are masters for one or more zones, regardless of
whether they accept updates. BIND is included with Mac OS X and Mac
OS X Server but it is not enabled by default. This update addresses
the issue by properly rejecting messages with a record of type 'ANY'
where an assertion would previously have been raised.
In article <1j4d29i.1umrpmgilfydwN%fra@alussinan.org>,
fra@alussinan.org (Fra) wrote:
hello
Une security update ce soir. Je cherche à savoir ce qui a été corrigé...
Impossible de savoir.
<http://support.apple.com/downloads/Security_Update_2009_004__Leopard_>
"Security Update 2009-004 is recommended for all users and improves the
security of Mac OS X." Vous n'en saurez pas plus !!!
ben si...
APPLE-SA-2009-08-12-1 Security Update 2009-004
Security Update 2009-004 is now available and addresses the
following:
BIND
CVE-ID: CVE-2009-0696
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11,
Mac OS X v10.5.8, Mac OS X Server v10.5.8
Impact: A remote attacker may be able to cause the DNS server to
unexpectedly terminate
Description: A logic issue in the handling of dynamic DNS update
messages may cause an assertion to be triggered. By sending a
maliciously crafted update message to the BIND DNS server, a remote
attacker may be able to interrupt the BIND service. The issue affects
servers which are masters for one or more zones, regardless of
whether they accept updates. BIND is included with Mac OS X and Mac
OS X Server but it is not enabled by default. This update addresses
the issue by properly rejecting messages with a record of type 'ANY'
where an assertion would previously have been raised.
In article <1j4d29i.1umrpmgilfydwN%,
(Fra) wrote:hello
Une security update ce soir. Je cherche à savoir ce qui a été corrigé...
Impossible de savoir.
<http://support.apple.com/downloads/Security_Update_2009_004__Leopard_>
"Security Update 2009-004 is recommended for all users and improves the
security of Mac OS X." Vous n'en saurez pas plus !!!
ben si...
APPLE-SA-2009-08-12-1 Security Update 2009-004
Security Update 2009-004 is now available and addresses the
following:
BIND
CVE-ID: CVE-2009-0696
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11,
Mac OS X v10.5.8, Mac OS X Server v10.5.8
Impact: A remote attacker may be able to cause the DNS server to
unexpectedly terminate
Description: A logic issue in the handling of dynamic DNS update
messages may cause an assertion to be triggered. By sending a
maliciously crafted update message to the BIND DNS server, a remote
attacker may be able to interrupt the BIND service. The issue affects
servers which are masters for one or more zones, regardless of
whether they accept updates. BIND is included with Mac OS X and Mac
OS X Server but it is not enabled by default. This update addresses
the issue by properly rejecting messages with a record of type 'ANY'
where an assertion would previously have been raised.
patpro ~ patrick proniewski écrivait :
> In article <1j4d29i.1umrpmgilfydwN%,
> (Fra) wrote:
>
>> hello
>>
>> Une security update ce soir. Je cherche à savoir ce qui a été corrigé...
>> Impossible de savoir.
>> <http://support.apple.com/downloads/Security_Update_2009_004__Leopard_>
>> "Security Update 2009-004 is recommended for all users and improves the
>> security of Mac OS X." Vous n'en saurez pas plus !!!
>
> ben si...
>
> APPLE-SA-2009-08-12-1 Security Update 2009-004
>
> Security Update 2009-004 is now available and addresses the
> following:
>
> BIND
> CVE-ID: CVE-2009-0696
> Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11,
> Mac OS X v10.5.8, Mac OS X Server v10.5.8
> Impact: A remote attacker may be able to cause the DNS server to
> unexpectedly terminate
> Description: A logic issue in the handling of dynamic DNS update
> messages may cause an assertion to be triggered. By sending a
> maliciously crafted update message to the BIND DNS server, a remote
> attacker may be able to interrupt the BIND service. The issue affects
> servers which are masters for one or more zones, regardless of
> whether they accept updates. BIND is included with Mac OS X and Mac
> OS X Server but it is not enabled by default. This update addresses
> the issue by properly rejecting messages with a record of type 'ANY'
> where an assertion would previously have been raised.
Apple est un peu léger là dessus : ça fait 2 semaines que l'exploit est
sorti et que tout le monde a patché son bind en 4ème vitesse...
patpro ~ patrick proniewski <patpro@boleskine.patpro.net> écrivait :
> In article <1j4d29i.1umrpmgilfydwN%fra@alussinan.org>,
> fra@alussinan.org (Fra) wrote:
>
>> hello
>>
>> Une security update ce soir. Je cherche à savoir ce qui a été corrigé...
>> Impossible de savoir.
>> <http://support.apple.com/downloads/Security_Update_2009_004__Leopard_>
>> "Security Update 2009-004 is recommended for all users and improves the
>> security of Mac OS X." Vous n'en saurez pas plus !!!
>
> ben si...
>
> APPLE-SA-2009-08-12-1 Security Update 2009-004
>
> Security Update 2009-004 is now available and addresses the
> following:
>
> BIND
> CVE-ID: CVE-2009-0696
> Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11,
> Mac OS X v10.5.8, Mac OS X Server v10.5.8
> Impact: A remote attacker may be able to cause the DNS server to
> unexpectedly terminate
> Description: A logic issue in the handling of dynamic DNS update
> messages may cause an assertion to be triggered. By sending a
> maliciously crafted update message to the BIND DNS server, a remote
> attacker may be able to interrupt the BIND service. The issue affects
> servers which are masters for one or more zones, regardless of
> whether they accept updates. BIND is included with Mac OS X and Mac
> OS X Server but it is not enabled by default. This update addresses
> the issue by properly rejecting messages with a record of type 'ANY'
> where an assertion would previously have been raised.
Apple est un peu léger là dessus : ça fait 2 semaines que l'exploit est
sorti et que tout le monde a patché son bind en 4ème vitesse...
patpro ~ patrick proniewski écrivait :
> In article <1j4d29i.1umrpmgilfydwN%,
> (Fra) wrote:
>
>> hello
>>
>> Une security update ce soir. Je cherche à savoir ce qui a été corrigé...
>> Impossible de savoir.
>> <http://support.apple.com/downloads/Security_Update_2009_004__Leopard_>
>> "Security Update 2009-004 is recommended for all users and improves the
>> security of Mac OS X." Vous n'en saurez pas plus !!!
>
> ben si...
>
> APPLE-SA-2009-08-12-1 Security Update 2009-004
>
> Security Update 2009-004 is now available and addresses the
> following:
>
> BIND
> CVE-ID: CVE-2009-0696
> Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11,
> Mac OS X v10.5.8, Mac OS X Server v10.5.8
> Impact: A remote attacker may be able to cause the DNS server to
> unexpectedly terminate
> Description: A logic issue in the handling of dynamic DNS update
> messages may cause an assertion to be triggered. By sending a
> maliciously crafted update message to the BIND DNS server, a remote
> attacker may be able to interrupt the BIND service. The issue affects
> servers which are masters for one or more zones, regardless of
> whether they accept updates. BIND is included with Mac OS X and Mac
> OS X Server but it is not enabled by default. This update addresses
> the issue by properly rejecting messages with a record of type 'ANY'
> where an assertion would previously have been raised.
Apple est un peu léger là dessus : ça fait 2 semaines que l'exploit est
sorti et que tout le monde a patché son bind en 4ème vitesse...
ben si...
APPLE-SA-2009-08-12-1 Security Update 2009-004
Security Update 2009-004 is now available and addresses the
following:
BIND
CVE-ID: CVE-2009-0696
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11,
Mac OS X v10.5.8, Mac OS X Server v10.5.8
Impact: A remote attacker may be able to cause the DNS server to
unexpectedly terminate
Description: A logic issue in the handling of dynamic DNS update
messages may cause an assertion to be triggered. By sending a
maliciously crafted update message to the BIND DNS server, a remote
attacker may be able to interrupt the BIND service. The issue affects
servers which are masters for one or more zones, regardless of
whether they accept updates. BIND is included with Mac OS X and Mac
OS X Server but it is not enabled by default. This update addresses
the issue by properly rejecting messages with a record of type 'ANY'
where an assertion would previously have been raised.
ben si...
APPLE-SA-2009-08-12-1 Security Update 2009-004
Security Update 2009-004 is now available and addresses the
following:
BIND
CVE-ID: CVE-2009-0696
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11,
Mac OS X v10.5.8, Mac OS X Server v10.5.8
Impact: A remote attacker may be able to cause the DNS server to
unexpectedly terminate
Description: A logic issue in the handling of dynamic DNS update
messages may cause an assertion to be triggered. By sending a
maliciously crafted update message to the BIND DNS server, a remote
attacker may be able to interrupt the BIND service. The issue affects
servers which are masters for one or more zones, regardless of
whether they accept updates. BIND is included with Mac OS X and Mac
OS X Server but it is not enabled by default. This update addresses
the issue by properly rejecting messages with a record of type 'ANY'
where an assertion would previously have been raised.
ben si...
APPLE-SA-2009-08-12-1 Security Update 2009-004
Security Update 2009-004 is now available and addresses the
following:
BIND
CVE-ID: CVE-2009-0696
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11,
Mac OS X v10.5.8, Mac OS X Server v10.5.8
Impact: A remote attacker may be able to cause the DNS server to
unexpectedly terminate
Description: A logic issue in the handling of dynamic DNS update
messages may cause an assertion to be triggered. By sending a
maliciously crafted update message to the BIND DNS server, a remote
attacker may be able to interrupt the BIND service. The issue affects
servers which are masters for one or more zones, regardless of
whether they accept updates. BIND is included with Mac OS X and Mac
OS X Server but it is not enabled by default. This update addresses
the issue by properly rejecting messages with a record of type 'ANY'
where an assertion would previously have been raised.
Une security update ce soir. Je cherche à savoir ce qui a été cor rigé...
Impossible de savoir.
Une security update ce soir. Je cherche à savoir ce qui a été cor rigé...
Impossible de savoir.
Une security update ce soir. Je cherche à savoir ce qui a été cor rigé...
Impossible de savoir.
Et tu as sorti ça d'où ?
For information on the security content of this update, please visit this
website:Apple Security Updates.
Et tu as sorti ça d'où ?
For information on the security content of this update, please visit this
website:Apple Security Updates.
Et tu as sorti ça d'où ?
For information on the security content of this update, please visit this
website:Apple Security Updates.
patpro ~ patrick proniewski wrote:
> ben si...
>
> APPLE-SA-2009-08-12-1 Security Update 2009-004
>
> Security Update 2009-004 is now available and addresses the
> following:
>
> BIND
> CVE-ID: CVE-2009-0696
> Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11,
> Mac OS X v10.5.8, Mac OS X Server v10.5.8
> Impact: A remote attacker may be able to cause the DNS server to
> unexpectedly terminate
> Description: A logic issue in the handling of dynamic DNS update
> messages may cause an assertion to be triggered. By sending a
> maliciously crafted update message to the BIND DNS server, a remote
> attacker may be able to interrupt the BIND service. The issue affects
> servers which are masters for one or more zones, regardless of
> whether they accept updates. BIND is included with Mac OS X and Mac
> OS X Server but it is not enabled by default. This update addresses
> the issue by properly rejecting messages with a record of type 'ANY'
> where an assertion would previously have been raised.
Et tu as sorti ça d'où ?
patpro ~ patrick proniewski <patpro@boleskine.patpro.net> wrote:
> ben si...
>
> APPLE-SA-2009-08-12-1 Security Update 2009-004
>
> Security Update 2009-004 is now available and addresses the
> following:
>
> BIND
> CVE-ID: CVE-2009-0696
> Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11,
> Mac OS X v10.5.8, Mac OS X Server v10.5.8
> Impact: A remote attacker may be able to cause the DNS server to
> unexpectedly terminate
> Description: A logic issue in the handling of dynamic DNS update
> messages may cause an assertion to be triggered. By sending a
> maliciously crafted update message to the BIND DNS server, a remote
> attacker may be able to interrupt the BIND service. The issue affects
> servers which are masters for one or more zones, regardless of
> whether they accept updates. BIND is included with Mac OS X and Mac
> OS X Server but it is not enabled by default. This update addresses
> the issue by properly rejecting messages with a record of type 'ANY'
> where an assertion would previously have been raised.
Et tu as sorti ça d'où ?
patpro ~ patrick proniewski wrote:
> ben si...
>
> APPLE-SA-2009-08-12-1 Security Update 2009-004
>
> Security Update 2009-004 is now available and addresses the
> following:
>
> BIND
> CVE-ID: CVE-2009-0696
> Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11,
> Mac OS X v10.5.8, Mac OS X Server v10.5.8
> Impact: A remote attacker may be able to cause the DNS server to
> unexpectedly terminate
> Description: A logic issue in the handling of dynamic DNS update
> messages may cause an assertion to be triggered. By sending a
> maliciously crafted update message to the BIND DNS server, a remote
> attacker may be able to interrupt the BIND service. The issue affects
> servers which are masters for one or more zones, regardless of
> whether they accept updates. BIND is included with Mac OS X and Mac
> OS X Server but it is not enabled by default. This update addresses
> the issue by properly rejecting messages with a record of type 'ANY'
> where an assertion would previously have been raised.
Et tu as sorti ça d'où ?
Fra wrote:
> Et tu as sorti ça d'où ?
En bas de la page, tu vois ce texte avec un lien :
> For information on the security content of this update, please visit this
> website:Apple Security Updates.
Une fois cliqué sur le lien tu arrives à une page avec entre autres un
tableau des différentes "Security Updates". La première entrée de ce
tableau concerne la plus récente, qui est celle qui t'intéresse. Tu
cliques sur le lien correspondant...
Voilà :-)
Fra <fra@alussinan.org> wrote:
> Et tu as sorti ça d'où ?
En bas de la page, tu vois ce texte avec un lien :
> For information on the security content of this update, please visit this
> website:Apple Security Updates.
Une fois cliqué sur le lien tu arrives à une page avec entre autres un
tableau des différentes "Security Updates". La première entrée de ce
tableau concerne la plus récente, qui est celle qui t'intéresse. Tu
cliques sur le lien correspondant...
Voilà :-)
Fra wrote:
> Et tu as sorti ça d'où ?
En bas de la page, tu vois ce texte avec un lien :
> For information on the security content of this update, please visit this
> website:Apple Security Updates.
Une fois cliqué sur le lien tu arrives à une page avec entre autres un
tableau des différentes "Security Updates". La première entrée de ce
tableau concerne la plus récente, qui est celle qui t'intéresse. Tu
cliques sur le lien correspondant...
Voilà :-)
sauf que le jour même de la demande de Fra, j'ai vérifié avant de
répondre, et l'info n'était pas encore publiée sur la page en question.
sauf que le jour même de la demande de Fra, j'ai vérifié avant de
répondre, et l'info n'était pas encore publiée sur la page en question.
sauf que le jour même de la demande de Fra, j'ai vérifié avant de
répondre, et l'info n'était pas encore publiée sur la page en question.