The Slackware Linux Project: Mailing List Info

Mailing List Info

News
Security Advisories
FAQ
Book
General Info
Get Slack
Install Help
Configuration
Packages
ChangeLogs
Propaganda
Ports
Other Sites
Support
Contact

Mailing Lists
Archives

About

From: Slackware Security Team <security@slackware.com>
To: slackware-security@slackware.com
Subject: [slackware-security] multiple vulnerabilities in bind 8.x
Date: Mon, 29 Jan 2001 09:07:59 -0800 (PST)

Multiple vulnerabilities exist in the versions of BIND found in Slackware
7.1 and -current.  Users of BIND 8.x are urged to upgrade to 8.2.3 to fix
these problems.  More information can be found on the BIND website:

   http://www.isc.org/products/BIND/

... and in the CERT Advisory CA-2001-02 - Multiple Vulnerabilities in BIND:

   http://www.cert.org/advisories/CA-2001-02.html

By upgrading to BIND 8.2.3, users can fix these problems. 


 =================================
 BIND 8.2.3 AVAILABLE - (bind.tgz)
 =================================

  Multiple vulnerabilities have been patched in BIND.  Upgrading to BIND
  8.2.3 addreses these vulnerabilities.  Packages available:

     For Slackware -current:
     ftp://ftp.slackware.com/pub/slackware/slackware-current/slakware/n1/bind.tgz

     For Slackware 7.1:
     ftp://ftp.slackware.com/pub/slackware/slackware-7.1/patches/packages/bind.tgz

  For verification purposes, we provide the following checksums:

     For Slackware -current:
        16-bit "sum" checksum:
        41667  1641   bind.tgz

        128-bit MD5 message digest:
        a46dd2ba74f50d0acba68ea0a38955d9  bind.tgz

     For Slackware 7.1:
        16-bit "sum" checksum:
        58057  1640   bind.tgz

        128-bit MD5 message digest:
        eaaeeea64ab3ecd1dcc33149f9ee93a9  bind.tgz


  INSTALLATION INSTRUCTIONS FOR THE bind.tgz PACKAGE:
  ---------------------------------------------------
  Be sure to backup your name server configuration files (/etc/named.conf
  and the /var/named directory) for safe measure.  Then stop the name
  server:

         # ndc stop

  Now run upgradepkg on the new BIND package:

         # upgradepkg bind.tgz

  The name server can now be restarted:

         # ndc start



Remember, it's also a good idea to backup configuration files before
upgrading packages.

- Slackware Linux Security Team
  http://www.slackware.com


+------------------------------------------------------------------------+
| HOW TO REMOVE YOURSELF FROM THIS MAILING LIST:                         |
+------------------------------------------------------------------------+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message:                                                     |
|                                                                        |
|   unsubscribe slackware-security                                       |
|                                                                        |
| You will get a confirmation message back.  Follow the instructions to  |
| complete the unsubscription.  Do not reply to this message to          |
| unsubscribe!                                                           |
+------------------------------------------------------------------------+

Slackware™ is a trademark of Patrick Volkerding.