Alerts This Week
Warning Icon 1 626
Alerts This Week
Warning Icon 1 626

Slackware 13.0: SSA:2009-336-01 Moderate: BIND Cache Poisoning

slackware
Calendar Grey December 3, 2009
Dist Slackware Esm H88
Recent updates to bind packages in Slackware address cache poisoning vulnerabilities. Users are encouraged to update to the newest version for enhanced security and better system performance.
New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix a security issue

Summary

Here are the details from the Slackware 13.0 ChangeLog: Wed Dec 2 20:51:55 UTC 2009 patches/packages/bind-9.4.3_P4-i486-1_slack13.0.txz: Upgraded. BIND 9.4.3-P4 is a SECURITY PATCH for BIND 9.4.3-P3. It addresses a potential cache poisoning vulnerability, in which data in the additional section of a response could be cached without proper DNSSEC validation. For more information, see: https://www.cve.org/CVERecord?id=CVE-2009-4022 http://www.kb.cert.org/vuls/id/418861 (* Security fix *)

Topics%20covered

Topics Covered

security advisory moderate security issue bind package upgrade Slackware cache poisoning

Where Find New Packages

HINT: Getting slow download speeds from ftp.slackware.com? Give slackware.osuosl.org a try. This is another primary FTP site for Slackware that can be considerably faster than downloading directly from ftp.slackware.com.
Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org/) for donating additional FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you.
Updated package for Slackware 8.1:
Updated package for Slackware 9.0:
Updated package for Slackware 9.1:
Updated package for Slackware 10.0:
Updated package for Slackware 10.1:
Updated package for Slackware 10.2:
Updated package for Slackware 11.0:
Updated package for Slackware 12.0:
Updated package for Slackware 12.1:
Updated package for Slackware 12.2:
Updated package for Slackware 13.0:
Updated package for Slackware x86_64 13.0:
Updated package for Slackware -current:
Updated package for Slackware x86_64 -curre...

Read the Full Advisory

MD5 Signatures

Slackware 8.1 package: 9de9e38f113552581813e563f558af46 bind-9.4.3_P4-i386-1_slack8.1.tgz
Slackware 9.0 package: b7102229c23fdbe67861102d5a9cc07e bind-9.4.3_P4-i386-1_slack9.0.tgz
Slackware 9.1 package: a23619b1d9a4277823c133e02c2e17dd bind-9.4.3_P4-i486-1_slack9.1.tgz
Slackware 10.0 package: 41c019668b1cd93d4990c1c0a37871f3 bind-9.4.3_P4-i486-1_slack10.0.tgz
Slackware 10.1 package: 571af94b9ca6fa6270002a4ac2efd1a5 bind-9.4.3_P4-i486-1_slack10.1.tgz
Slackware 10.2 package: 9c0ebc0c1f17e3eb0bf3a34f748f6bea bind-9.4.3_P4-i486-1_slack10.2.tgz
Slackware 11.0 package: 4ab62ea68d43b85446590208530e6083 bind-9.4.3_P4-i486-1_slack11.0.tgz
Slackware 12.0 package: 05f4975b7915f38064772a5f8e32efac bind-9.4.3_P4-i486-1_slack12.0.tgz
Slackware 12.1 package: 7ae7259553108750e56bac592230d714 bind-9.4.3_P4-i486-1_slack12.1.tgz
Slackware 12.2 package: 94a40d14be8c76829d302d4e8b399ded bind-9.4.3_P4-i486-1_slack12.2.tgz
Slackware 13.0 package: 0ec5ee211c88e64d2db7406d37a76cde bind-9.4.3_P4-i486-1_slack13.0.txz
Slackware x86_64 13.0 package: 0889c8db7e6988809d52465cd60727fd bind-9.4.3_P4-x86_64-1_slack13.0.txz
Slackware -current package: cda70d71d2fbc98338b5e7852b63abee bind-9.4.3_P4-i486-1.txz
Slackware x86_64 -current package: f3b06522e828788b40d3811910ba272f bind-9.4.3_P4-x86_64-1.txz

Severity
important
Lowest
Low
Medium
High
Critical

Topics%20covered

Topics Covered

security advisory moderate security issue bind package upgrade Slackware cache poisoning

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Installation Instructions

Installation instructions: Upgrade the package as root: # upgradepkg bind-9.4.3_P4-i486-1_slack13.0.txz Then, restart BIND.

Related News

Your message here