Alerts This Week
Warning Icon 1 666
Alerts This Week
Warning Icon 1 666

Slackware 12.2: 2009-014-02 Critical: Bind Security Issue

slackware
Calendar Grey January 15, 2009
Dist Slackware Esm H88
Latest bind updates released for Slackware to fix severe security vulnerabilities. See upgrade guidelines here.
New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, and -current to fix a security issue

Summary

Here are the details from the Slackware 12.2 ChangeLog: patches/packages/bind-9.4.3_P1-i486-1_slack12.2.tgz: Upgraded to bind-9.4.3-P1. Fixed checking on return values from OpenSSL's EVP_VerifyFinal and DSA_do_verify functions to prevent spoofing answers returned from zones using the DNSKEY algorithms DSA and NSEC3DSA. For more information, see: http://ocert.org/advisories/ocert-2008-016.html https://www.cve.org/CVERecord?id=CVE-2008-5077 https://www.cve.org/CVERecord?id=CVE-2009-0025 (* Security fix *)

Topics%20covered

Topics Covered

security advisory security issue critical bind package update slackware

Where Find New Packages

HINT: Getting slow download speeds from ftp.slackware.com? Give slackware.osuosl.org a try. This is another primary FTP site for Slackware that can be considerably faster than downloading directly from ftp.slackware.com.
Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org/) for donating additional FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you.
Updated package for Slackware 8.1:
Updated package for Slackware 9.0:
Updated package for Slackware 9.1:
Updated package for Slackware 10.0:
Updated package for Slackware 10.1:
Updated package for Slackware 10.2:
Updated package for Slackware 11.0:
Updated package for Slackware 12.0:
Updated package for Slackware 12.1:
Updated package for Slackware 12.2:
Updated package for Slackware -current:

MD5 Signatures

Slackware 8.1 package: edd05026b26456ab9d289859938bb814 bind-9.3.6_P1-i386-1_slack8.1.tgz
Slackware 9.0 package: 10231e7f1897922da941a279eb21760d bind-9.3.6_P1-i386-1_slack9.0.tgz
Slackware 9.1 package: ce87f93cfd8318cabf0d4e5352a565f0 bind-9.3.6_P1-i486-1_slack9.1.tgz
Slackware 10.0 package: d7fe61dabf0cdf0c9fcf6abf29678a8f bind-9.3.6_P1-i486-1_slack10.0.tgz
Slackware 10.1 package: 88969b8ecd35ed1a3c08d4e6272fab60 bind-9.3.6_P1-i486-1_slack10.1.tgz
Slackware 10.2 package: 098df4ea59e7b90c52fe120be3725290 bind-9.3.6_P1-i486-1_slack10.2.tgz
Slackware 11.0 package: 4873a024a185646d814bbd4b0f451a9b bind-9.3.6_P1-i486-1_slack11.0.tgz
Slackware 12.0 package: ae63659f57ac78a22213bb1f8ab9c616 bind-9.4.3_P1-i486-1_slack12.0.tgz
Slackware 12.1 package: 5a8618e93640b56f20a59eee0cb39d49 bind-9.4.3_P1-i486-1_slack12.1.tgz
Slackware 12.2 package: 41f9d674367df3a3726c82e58e0de149 bind-9.4.3_P1-i486-1_slack12.2.tgz
Slackware -current package: d33c44d4b62e4f6eb0ae4ab8b137064c bind-9.4.3_P1-i486-1.tgz

Severity
critical
Lowest
Low
Medium
High
Critical

Topics%20covered

Topics Covered

security advisory security issue critical bind package update slackware

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Installation Instructions

Installation instructions: Upgrade the packages as root: # upgradepkg bind-9.4.3_P1-i486-1_slack12.2.tgz

Related News

Your message here