Login
Newsletter
Werbung

Sicherheit: Möglicher DoS-Angriff auf BIND
Aktuelle Meldungen Distributionen
Name: Möglicher DoS-Angriff auf BIND
ID:
Distribution: Slackware
Plattformen: Slackware -current, Slackware 7.0, Slackware 7.1
Datum: Mo, 13. November 2000, 12:00
Referenzen: Keine Angabe
Applikationen: BIND

Originalnachricht

BIND version 8.2.2-P5 has a denial of service bug.  The code intended to
provide support for the transfer of compressed zone files can crash the
name server. More BIND security information can be found at:

http://www.isc.org/products/BIND/bind8.html

By upgrading to BIND 8.2.2-P7, users can fix this problem. A new bind.tgz
package is available for users of Slackware Linux 7.0, 7.1, and -current.


=======================================
BIND 8.2.2-P7 AVAILABLE - (n1/bind.tgz)
=======================================

The denial of service vulnerability that affects BIND 8.2.2-P5 can
be fixed by upgrading to the new BIND 8.2.2-P7 package. The new
bind.tgz is available in the -current branch:

ftp://ftp.slackware.com/pub/slackware/slackware-current/slakware/n1/bind.tgz

For verification purposes, we provide the following checksums:

16-bit "sum" checksum:
41816 1611 n1/bind.tgz

128-bit MD5 message digest:
acce19918ebb3cf0159f0690e5d167ae n1/bind.tgz


INSTALLATION INSTRUCTIONS FOR THE bind.tgz PACKAGE:
---------------------------------------------------
Be sure to backup your name server configuration files (/etc/named.conf
and the /var/named directory) for safe measure. Then stop the name
server:

# ndc stop

Now run upgradepkg on the new BIND package:

# upgradepkg bind.tgz

The name server can now be restarted:

# ndc start



Remember, it's also a good idea to backup configuration files before
upgrading packages.

- Slackware Linux Security Team
http://www.slackware.com


+------------------------------------------------------------------------+
| HOW TO REMOVE YOURSELF FROM THIS MAILING LIST: |
+------------------------------------------------------------------------+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message: |
| |
| unsubscribe slackware-security |
| |
| You will get a confirmation message back. Follow the instructions to |
| complete the unsubscription. Do not reply to this message to |
| unsubscribe! |
+------------------------------------------------------------------------+
Pro-Linux
Frohe Ostern
Neue Nachrichten
Werbung