[PLDSA 35-1] New bind packages fix buffer overrun
Krzysiek Taraszka
dzimi at pld.org.pl
Sat May 3 15:42:50 CEST 2003
- --------------------------------------------------------------------------
PLD Security Advisory PLDSA 35-1 security at pld.org.pl
http://www.pld.org.pl/security/ PLD Security Team
07 March 2003 http://www.pld.org.pl/security/faq
- --------------------------------------------------------------------------
Package : prior to bind-9.2.1-11
Vulnerability : buffer overrun
Problem-Type : remote
PLD-specific : no
ISC has discovered or has been notified of several bugs which can result in
vulnerabilities of varying levels of severity in BIND as distributed by ISC.
One of them is security problem witch cause remote buffer overrun.
The above problems have been fixed in version 9.2.2-1 for the
current stable distribution (ra).
We recommend that you upgrade your bind packages.
wget -c url
will fetch the file for you
rpm -Uhv file(s)*.rpm
will upgrade the referenced file.
If you are using "poldek" - the package manager, use the line as given below
for upgrade packages
poldek --update
will update the internal database
poldek --upgrade 'bind*'
will install corrected packages
If you are using "apt" - the package manager, use the line as given below
for upgrade packages
apt-get update
will update the internal database
apt-get upgrade 'bind*'
will install corrected packages
PLD Linux 1.0 alias ra
- --------------------
Source archives:
ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/bind-9.2.2-1.src.rpm
MD5 checksum: 7924bfd544b6fc6a97133b52a237850e
I386 Architecture components:
ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/bind-9.2.2-1.i386.rpm
MD5 checksum: 86c90722b2b81d4727d9fff31882e652
ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/bind-devel-9.2.2-1.i386.rpm
MD5 checksum: 318c80cdbc74aa4e25aab09b73340d44
ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/bind-libs-9.2.2-1.i386.rpm
MD5 checksum: 363001d3c19ea7eed9f04d7f81cd5b23
ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/bind-static-9.2.2-1.i386.rpm
MD5 checksum: a926e4aa71cae24bc65f395241de1619
ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/bind-utils-9.2.2-1.i386.rpm
MD5 checksum: 7a25c0fda2b87152d80958d719d0f7ed
I586 Architecture components:
ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/bind-9.2.2-1.i586.rpm
MD5 checksum: 3be3c551a249b5fe5cf4672356b32753
ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/bind-devel-9.2.2-1.i586.rpm
MD5 checksum: 2dfad87f402662a06565253a945cdc86
ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/bind-libs-9.2.2-1.i586.rpm
MD5 checksum: fda936a102ddefd2bae6dd69d1498ce1
ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/bind-static-9.2.2-1.i586.rpm
MD5 checksum: c83f54cebe4c27523bd6f79ed75f2145
ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/bind-utils-9.2.2-1.i586.rpm
MD5 checksum: 277d1014897299d0c081c5dafac93e68
I686 Architecture components:
ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/bind-9.2.2-1.i686.rpm
MD5 checksum: 9d69c3ad01c33848f7236ffe13de43e3
ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/bind-devel-9.2.2-1.i686.rpm
MD5 checksum: d42660753fced51a7f450c7068c2e697
ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/bind-libs-9.2.2-1.i686.rpm
MD5 checksum: 78c70a566922fa23e9303fed3eee88e4
ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/bind-static-9.2.2-1.i686.rpm
MD5 checksum: bc99e19b86caddc3b01f84d5b1b88e2c
ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/bind-utils-9.2.2-1.i686.rpm
MD5 checksum: e98b6da3e919aa24c02d703688bf9141
PowerPC Architecture components:
ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/bind-9.2.2-1.ppc.rpm
MD5 checksum: 597e1775a401a3c2cf978687e4bce634
ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/bind-devel-9.2.2-1.ppc.rpm
MD5 checksum: d7c1a0b08e6785e533d2adfe2921862e
ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/bind-libs-9.2.2-1.ppc.rpm
MD5 checksum: 3b3823ac3a1eb70d27ac796beff01c2f
ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/bind-static-9.2.2-1.ppc.rpm
MD5 checksum: aa4fe45a62a95cb4dac8f2b2e93ea424
ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/bind-utils-9.2.2-1.ppc.rpm
MD5 checksum: 27ec8a1e4db31cd0c573e8e59fe0d942
-
--------------------------------------------------------------------------------
-
If you are using poldek add this line to poldek.conf.
If you are using apt-get add this line to sources.list.
For i386 architecture
poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/
apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i386 base updates-security
For i586 architecture
poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/
apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i586 base updates-security
For i686 architecture
poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/
apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i686 base updates-security
For ppc architecture
poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/
apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/ppc base updates-security
More information about the pld-security-announce
mailing list