A security vulnerability has been identified in the BIND software package that a remote attacker can exploit to carry out a DoS attack (crashing the application).
Package:
BIND 9.7.x
Operating systems:
Slackware Linux 8.1, Slackware Linux 9.0, Slackware Linux 9.1, Slackware Linux 10.0, Slackware Linux 10.1, Slackware Linux 10.2, Slackware Linux 11.0, Slackware Linux 12.0, Slackware Linux 12.1, Slackware Linux 12.2, Slackware Linux 13.0, Slackware Linux 13.1, Slackware Linux 13.37
Severity:
5.8
Problem:
error in a software component
Exploitation:
remote
Impact:
denial of service (DoS)
Solution:
vendor patch
CVE:
CVE-2011-1910
Original advisory ID:
SSA:2011-147-01
Source:
Slackware
Problem:
The flaw is caused by improper handling of certain RRset (Resource Record Set) records.
Impact:
An attacker can exploit this flaw to carry out a DoS attack.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
[slackware-security] bind (SSA:2011-147-01)
New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2,
11.0, 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix security
issues.
Here are the details from the Slackware 13.37 ChangeLog:
+--------------------------+
patches/packages/bind-9.7.3_P1-i486-1_slack13.37.txz: Upgraded.
This release fixes security issues:
* A large RRSET from a remote authoritative server that results in
the recursive resolver trying to negatively cache the response can
hit an off by one code error in named, resulting in named crashing.
[RT #24650] [CVE-2011-1910]
* Zones that have a DS record in the parent zone but are also listed
in a DLV and won't validate without DLV could fail to validate. [RT
#24631]
For more information, see:
http://www.isc.org/software/bind/advisories/cve-2011-1910
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1910
(* Security fix *)
+--------------------------+
Where to find the new packages:
+-----------------------------+
HINT: Getting slow download speeds from ftp.slackware.com?
Give slackware.osuosl.org a try. This is another primary FTP site
for Slackware that can be considerably faster than downloading
directly from ftp.slackware.com.
Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating additional FTP and rsync hosting
to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.
Updated package for Slackware 8.1:
ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/bind-9.4_ESV_R4_P1-i386-1_slack8.1.tgz
Updated package for Slackware 9.0:
ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/bind-9.4_ESV_R4_P1-i386-1_slack9.0.tgz
Updated package for Slackware 9.1:
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/bind-9.4_ESV_R4_P1-i486-1_slack9.1.tgz
Updated package for Slackware 10.0:
ftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/bind-9.4_ESV_R4_P1-i486-1_slack10.0.tgz
Updated package for Slackware 10.1:
ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/bind-9.4_ESV_R4_P1-i486-1_slack10.1.tgz
Updated package for Slackware 10.2:
ftp://ftp.slackware.com/pub/slackware/slackware-10.2/patches/packages/bind-9.4_ESV_R4_P1-i486-1_slack10.2.tgz
Updated package for Slackware 11.0:
ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/bind-9.4_ESV_R4_P1-i486-1_slack11.0.tgz
Updated package for Slackware 12.0:
ftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/bind-9.4_ESV_R4_P1-i486-1_slack12.0.tgz
Updated package for Slackware 12.1:
ftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/bind-9.4_ESV_R4_P1-i486-1_slack12.1.tgz
Updated package for Slackware 12.2:
ftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/bind-9.4_ESV_R4_P1-i486-1_slack12.2.tgz
Updated package for Slackware 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/bind-9.4_ESV_R4_P1-i486-1_slack13.0.txz
Updated package for Slackware x86_64 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/bind-9.4_ESV_R4_P1-x86_64-1_slack13.0.txz
Updated package for Slackware 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/bind-9.4_ESV_R4_P1-i486-1_slack13.1.txz
Updated package for Slackware 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/bind-9.7.3_P1-i486-1_slack13.37.txz
Updated package for Slackware x86_64 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/bind-9.4_ESV_R4_P1-x86_64-1_slack13.1.txz
Updated package for Slackware x86_64 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/bind-9.7.3_P1-x86_64-1_slack13.37.txz
Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/bind-9.7.3_P1-i486-1.txz
Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/bind-9.7.3_P1-x86_64-1.txz
MD5 signatures:
+-------------+
Installation instructions:
+------------------------+
Upgrade the package as root:
# upgradepkg bind-9.7.3_P1-i486-1_slack13.37.txz
Then, restart the name server:
# /etc/rc.d/rc.bind restart
+-----+
Slackware Linux Security Team
http://slackware.com/gpg-key
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iEYEARECAAYFAk3gNwgACgkQakRjwEAQIjPMpwCfUuXaixmpqxnLM6y5YdzG3Vm8
fJMAnjcBWGgw6REGS3lrLTUDZMWQXs85
=Zmm3
-----END PGP SIGNATURE-----
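An added example (not part of the Slackware advisory or of the original page): a POSIX shell check that reads installed package entries and reports whether the BIND build is one of the fixed versions named in the advisory. The function names and the `/var/log/packages` default path are assumptions of this example.

```shell
#!/bin/sh
# Added example: flag BIND packages that are not one of the fixed builds
# shipped with SSA:2011-147-01.

# Versions of the fixed builds, as they appear in the advisory's package names.
FIXED_VERSIONS="9.7.3_P1 9.4_ESV_R4_P1"

# Slackware package names are name-version-arch-build. Split from the right,
# because the name part may itself contain hyphens.
pkg_version() {
    base=${1##*/}
    rest=${base%-*}      # drop build (e.g. 1_slack13.37 or 1_slack13.37.txz)
    rest=${rest%-*}      # drop arch  (e.g. i486, x86_64)
    printf '%s\n' "${rest##*-}"
}

pkg_name() {
    base=${1##*/}
    rest=${base%-*}
    rest=${rest%-*}
    printf '%s\n' "${rest%-*}"
}

# Classify one entry: prints "fixed", "review" or "not-bind".
bind_status() {
    if [ "$(pkg_name "$1")" != "bind" ]; then
        echo "not-bind"
        return 0
    fi
    ver=$(pkg_version "$1")
    for v in $FIXED_VERSIONS; do
        if [ "$ver" = "$v" ]; then echo "fixed"; return 0; fi
    done
    # Any other version must be compared against the ISC advisory by hand.
    echo "review"
}

# Scan a package database directory (assumed default: /var/log/packages).
scan_pkgdb() {
    dir=${1:-/var/log/packages}
    for entry in "$dir"/bind-*; do
        if [ ! -e "$entry" ]; then continue; fi
        st=$(bind_status "$entry")
        if [ "$st" = "not-bind" ]; then continue; fi
        printf '%s %s\n' "$st" "${entry##*/}"
    done
    return 0
}
```

Source the file and run `scan_pkgdb` on the host; a `review` line means the installed build is not one of the two versions this advisory ships.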