|
|
From: Slackware Security Team <security@slackware.com>
To: slackware-security@slackware.com
Subject: [slackware-security] Slackware 15.0 bind (SSA:2022-080-01)
Date: Mon, 21 Mar 2022 13:30:23 -0700 (PDT) |
|
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
[slackware-security] Slackware 15.0 bind (SSA:2022-080-01)
New bind packages are available for Slackware 15.0, since the previous patch
mistakenly moved to a newer BIND branch. These packages do not fix any security
issues that weren't already fixed in the bind-9.18.1 packages, which have been
moved into /testing, but the BIND 9.16 LTS version is the correct one for
Slackware 15.0.
Here are the details from the Slackware 15.0 ChangeLog:
+--------------------------+
patches/packages/bind-9.16.27-i586-1_slack15.0.txz: Upgraded.
Sorry folks, I had not meant to bump BIND to the newer branch. I've moved
the other packages into /testing. Thanks to Nobby6 for pointing this out.
This update fixes bugs and the following security issues:
A synchronous call to closehandle_cb() caused isc__nm_process_sock_buffer()
to be called recursively, which in turn left TCP connections hanging in the
CLOSE_WAIT state blocking indefinitely when out-of-order processing was
disabled.
The rules for acceptance of records into the cache have been tightened to
prevent the possibility of poisoning if forwarders send records outside
the configured bailiwick.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0396
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25220
(* Security fix *)
testing/packages/bind-9.18.1-i586-1_slack15.0.txz: Moved.
+--------------------------+
Where to find the new packages:
+-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.
Updated package for Slackware 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/bind-9.16.27-i586-1_slack15.0.txz
Updated package for Slackware x86_64 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/bind-9.16.27-x86_64-1_slack15.0.txz
MD5 signatures:
+-------------+
Slackware 15.0 package:
cb7677e69257e3e6fdb37b2c2d2055a6 bind-9.16.27-i586-1_slack15.0.txz
Slackware x86_64 15.0 package:
629150da7488246c739456e332d5b8e6 bind-9.16.27-x86_64-1_slack15.0.txz
Installation instructions:
+------------------------+
Upgrade the package as root:
# upgradepkg bind-9.16.27-i586-1_slack15.0.txz
Then, restart the name server:
# /etc/rc.d/rc.bind restart
+-----+
Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com
+------------------------------------------------------------------------+
| To leave the slackware-security mailing list: |
+------------------------------------------------------------------------+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message: |
| |
| unsubscribe slackware-security |
| |
| You will get a confirmation message back containing instructions to |
| complete the process. Please do not reply to this email address. |
+------------------------------------------------------------------------+
-----BEGIN PGP SIGNATURE-----
iEYEARECAAYFAmI438wACgkQakRjwEAQIjMm+wCfZ0NIypJISEPHi6yI5OYhfE5T
GY0An1zgC6T8qAQU6wCTL+QHOt9mTKjm
=+HoF
-----END PGP SIGNATURE-----
|
| |