Login
Newsletter
Werbung
Sicherheit: Denial of Service in BIND
Aktuelle Meldungen Distributionen
Name: Denial of Service in BIND
ID: MDVSA-2011:104
Distribution: Mandriva
Plattformen: Mandriva Corporate 4.0, Mandriva 2009.0, Mandriva Enterprise Server 5.0, Mandriva 2010.1
Datum: Mi, 1. Juni 2011, 14:30
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1910
Applikationen: BIND

Originalnachricht

 
This is a multi-part message in MIME format...

------------=_1306931051-2461-79

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2011:104
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : bind
 Date    : June 1, 2011
 Affected: 2009.0, 2010.1, Corporate 4.0, Enterprise Server 5.0
 _______________________________________________________________________

 Problem Description:

 A vulnerability has been identified and fixed in ISC BIND:
 
 Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x
 before 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before
 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service
 (assertion failure and daemon exit) via a negative response containing
 large RRSIG RRsets (CVE-2011-1910).
 
 Packages for 2009.0 are provided as of the Extended Maintenance
 Program. Please visit this link to learn more:
 http://store.mandriva.com/product_info.php\?cPath=149\&products_id=490
 
 The updated packages have been patched to correct this issue. For
 2010.2 ISC BIND was upgraded to 9.7.3-P1 which is not vulnerable to
 this issue.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1910
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2009.0:
 ebe0e9136ca078d55e8474b7e4774fa0  2009.0/i586/bind-9.6.2-0.3mdv2009.0.i586.rpm
 4bcead4d6fffece6a8786e20580f433b 
 2009.0/i586/bind-devel-9.6.2-0.3mdv2009.0.i586.rpm
 7c4269cc12c36c81b8d5e6beda01db22 
 2009.0/i586/bind-doc-9.6.2-0.3mdv2009.0.i586.rpm
 180a7897d73d5f81bb22403bbfd01301 
 2009.0/i586/bind-utils-9.6.2-0.3mdv2009.0.i586.rpm 
 9ce92b36b69535037658b12de6ba91f3  2009.0/SRPMS/bind-9.6.2-0.3mdv2009.0.src.rpm

 Mandriva Linux 2009.0/X86_64:
 b9711c2fc96a83b7b3ce16e872480a94 
 2009.0/x86_64/bind-9.6.2-0.3mdv2009.0.x86_64.rpm
 835c967bdb7e163ee650ad4c2a93a02e 
 2009.0/x86_64/bind-devel-9.6.2-0.3mdv2009.0.x86_64.rpm
 afd62cab2b8be8ab47307541cda19b1b 
 2009.0/x86_64/bind-doc-9.6.2-0.3mdv2009.0.x86_64.rpm
 949e7df04821a40c180a43323fb1b6b3 
 2009.0/x86_64/bind-utils-9.6.2-0.3mdv2009.0.x86_64.rpm 
 9ce92b36b69535037658b12de6ba91f3  2009.0/SRPMS/bind-9.6.2-0.3mdv2009.0.src.rpm

 Mandriva Linux 2010.1:
 facbc4e2c06e947c116f22c6ab546dc9 
 2010.1/i586/bind-9.7.3-0.0.P1.1.1mdv2010.2.i586.rpm
 15fe702c18438ad9a9d07d1a08e8dc5e 
 2010.1/i586/bind-devel-9.7.3-0.0.P1.1.1mdv2010.2.i586.rpm
 f67cc34ea4fa188c6e1ce78a2f418cec 
 2010.1/i586/bind-doc-9.7.3-0.0.P1.1.1mdv2010.2.i586.rpm
 c954e45cc2f928f8c241c1c544b76c1b 
 2010.1/i586/bind-utils-9.7.3-0.0.P1.1.1mdv2010.2.i586.rpm 
 a258d307cde57f5f8f750311d1922aee 
 2010.1/SRPMS/bind-9.7.3-0.0.P1.1.1mdv2010.2.src.rpm

 Mandriva Linux 2010.1/X86_64:
 7fc178b5236b9d82e028f1d95a0995e7 
 2010.1/x86_64/bind-9.7.3-0.0.P1.1.1mdv2010.2.x86_64.rpm
 b9a1c2434083eec6bdf537249f62ef12 
 2010.1/x86_64/bind-devel-9.7.3-0.0.P1.1.1mdv2010.2.x86_64.rpm
 923cbacff1dd7b8a35b248af46979f84 
 2010.1/x86_64/bind-doc-9.7.3-0.0.P1.1.1mdv2010.2.x86_64.rpm
 c564274f9fd0a837963cd7359ef520de 
 2010.1/x86_64/bind-utils-9.7.3-0.0.P1.1.1mdv2010.2.x86_64.rpm 
 a258d307cde57f5f8f750311d1922aee 
 2010.1/SRPMS/bind-9.7.3-0.0.P1.1.1mdv2010.2.src.rpm

 Corporate 4.0:
 438be9cf334ebfabac9128ab17488b16 
 corporate/4.0/i586/bind-9.4.3-0.4.20060mlcs4.i586.rpm
 73bdfc4039746f9f5ecc95c8b02c9baa 
 corporate/4.0/i586/bind-devel-9.4.3-0.4.20060mlcs4.i586.rpm
 b659532890edec643588df8097b4f9a4 
 corporate/4.0/i586/bind-utils-9.4.3-0.4.20060mlcs4.i586.rpm 
 6264781c61bac05330db0300520686aa 
 corporate/4.0/SRPMS/bind-9.4.3-0.4.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 a202e00d59ea543e2e2683ebd21509c2 
 corporate/4.0/x86_64/bind-9.4.3-0.4.20060mlcs4.x86_64.rpm
 c020841e7cc8ee34ec576a3dd3a6c053 
 corporate/4.0/x86_64/bind-devel-9.4.3-0.4.20060mlcs4.x86_64.rpm
 47ee68c9f935447a0160850a6f151fb5 
 corporate/4.0/x86_64/bind-utils-9.4.3-0.4.20060mlcs4.x86_64.rpm 
 6264781c61bac05330db0300520686aa 
 corporate/4.0/SRPMS/bind-9.4.3-0.4.20060mlcs4.src.rpm

 Mandriva Enterprise Server 5:
 467bf36fd2f979b44936a5048e66b177  mes5/i586/bind-9.6.2-0.3mdvmes5.2.i586.rpm
 cb277066933724335637f05c89371a06 
 mes5/i586/bind-devel-9.6.2-0.3mdvmes5.2.i586.rpm
 fc839ab342e30da3777d4e15af7412f6 
 mes5/i586/bind-doc-9.6.2-0.3mdvmes5.2.i586.rpm
 e71726f1845cb35577fe18af40ec8798 
 mes5/i586/bind-utils-9.6.2-0.3mdvmes5.2.i586.rpm 
 ca697b83e7ae5d4d108ae6ca6ce95107  mes5/SRPMS/bind-9.6.2-0.3mdvmes5.2.src.rpm

 Mandriva Enterprise Server 5/X86_64:
 7a488676d28da8704b51ca731b726697 
 mes5/x86_64/bind-9.6.2-0.3mdvmes5.2.x86_64.rpm
 4803a569597c7372b7b2323da9220d4d 
 mes5/x86_64/bind-devel-9.6.2-0.3mdvmes5.2.x86_64.rpm
 1a6c027085db39464be568061c70c877 
 mes5/x86_64/bind-doc-9.6.2-0.3mdvmes5.2.x86_64.rpm
 f520ec26e2c0e68e1f82767f1a4b6d54 
 mes5/x86_64/bind-utils-9.6.2-0.3mdvmes5.2.x86_64.rpm 
 ca697b83e7ae5d4d108ae6ca6ce95107  mes5/SRPMS/bind-9.6.2-0.3mdvmes5.2.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFN5f6imqjQ0CJFipgRAs4wAKDOL3FTk7jSEWa5qTIKW9MIDK1JPACg4OaL
NIUpP5tPKWYzuVaSXDP6iyg=
=rGeL
-----END PGP SIGNATURE-----


------------=_1306931051-2461-79
Content-Type: text/plain; charset="UTF-8";
 name="message-footer.txt"
Content-Disposition: inline; filename="message-footer.txt"
Content-Transfer-Encoding: 8bit

To unsubscribe, send a email to sympa@mandrivalinux.org
with this subject : unsubscribe security-announce
_______________________________________________________
Want to buy your Pack or Services from Mandriva? 
Go to http://www.mandrivastore.com
Join the Club : http://www.mandrivaclub.com
_______________________________________________________

------------=_1306931051-2461-79--
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung