Login
Newsletter
Werbung

Sicherheit: Denial of Service in BIND
Aktuelle Meldungen Distributionen
Name: Denial of Service in BIND
ID: FEDORA-2013-13831
Distribution: Fedora
Plattformen: Fedora 18
Datum: Mo, 5. August 2013, 07:49
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4854
Applikationen: BIND

Originalnachricht

Name        : bind
Product : Fedora 18
Version : 9.9.3
Release : 4.P2.fc18
URL : http://www.isc.org/products/BIND/
Summary : The Berkeley Internet Name Domain (BIND) DNS (Domain Name System)
server
Description :
BIND (Berkeley Internet Name Domain) is an implementation of the DNS
(Domain Name System) protocols. BIND includes a DNS server (named),
which resolves host names to IP addresses; a resolver library
(routines for applications to use when interfacing with DNS); and
tools for verifying that the DNS server is operating properly.

-------------------------------------------------------------------------------
-
Update Information:

- update to 9.9.3-P2 (fix for CVE-2013-4854)
- update RRL patch to 9.9.3-P2-rl.13207.22
-------------------------------------------------------------------------------
-
ChangeLog:

* Sun Jul 28 2013 Tomas Hozza <thozza@redhat.com> 32:9.9.3-4.P2
- update to 9.9.3-P2 (fix for CVE-2013-4854)
- update RRL patch to 9.9.3-P2-rl.13207.22
* Wed Jun 5 2013 Tomas Hozza <thozza@redhat.com> 32:9.9.3-3.P1
- update to 9.9.3-P1 (fix for CVE-2013-3919)
- update RRL patch to 9.9.3-P1-rl.156.01
* Mon Jun 3 2013 Tomas Hozza <thozza@redhat.com> 32:9.9.3-2
- ship dns/rrl.h in -devel subpkg
* Mon Jun 3 2013 Tomas Hozza <thozza@redhat.com> 32:9.9.3-1
- update to 9.9.3
- update RRL patch to the latest version 9.9.3-rl.150.20
- drop/modify some patches to fit latest version
* Fri May 17 2013 Tomas Hozza <thozza@redhat.com> 32:9.9.2-12.P2
- Fix segfault in host/nslookup (#878139)
* Fri May 3 2013 Tomas Hozza <thozza@redhat.com> 32:9.9.2-11.P2
- fix crash in nsupdate when processing "-r" parameter (#949544)
- Include managed-keys-directory statement in named.conf.sample (#948026)
* Wed Mar 27 2013 Tomas Hozza <thozza@redhat.com> 32:9.9.2-10.P2
- New upstream patch version fixing CVE-2013-2266 (#928032)
* Wed Mar 6 2013 Tomas Hozza <thozza@redhat.com> 32:9.9.2-9.P1
- Fix Makefile.in to include header added by rate limiting patch (#918330)
* Mon Feb 18 2013 Adam Tkac <atkac redhat com> 32:9.9.2-8.P1
- include rate limiting patch
* Tue Jan 29 2013 Tomas Hozza <thozza@redhat.com> 32:9.9.2-7.P1
- Corrected IP addresses in named.ca (#901741)
- mount/umount /var/named in setup-named-chroot.sh as the last one (#904666)
* Thu Dec 20 2012 Adam Tkac <atkac redhat com> 32:9.9.2-6.P1
- generate /etc/rndc.key during named service startup if doesn't exist
- increase startup timeout in systemd units to 90sec (default)
- fix IDN related statement in dig.1 manpage
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #988999 - CVE-2013-4854 bind: named crash with an assertion failure
on parsing malformed rdata
https://bugzilla.redhat.com/show_bug.cgi?id=988999
-------------------------------------------------------------------------------
-

This update can be installed with the "yum" update program. Use
su -c 'yum update bind' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung