Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Slackware: 2010-176-01 Critical: Bind DNSSEC Cache Poisoning Risk

slackware
Calendar Grey June 25, 2010
Dist Slackware Esm H88
Recent updates for Slackware include new bind packages aimed at resolving security vulnerabilities associated with DNSSEC and potential cache poisoning threats.
New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix security issues when DNSSEC is enabled (which...

Summary

Here are the details from the Slackware 13.1 ChangeLog: patches/packages/bind-9.4.3_P5-i486-1_slack13.1.txz: Upgraded. This fixes possible DNS cache poisoning attacks when DNSSEC is enabled and checking is disabled (CD). For more information, see: https://www.cve.org/CVERecord?id=CVE-2009-4022 https://www.cve.org/CVERecord?id=CVE-2010-0097 (* Security fix *)

Topics%20covered

Topics Covered

security advisory critical bind security fix slackware cache poisoning dnssec

Where Find New Packages

HINT: Getting slow download speeds from ftp.slackware.com? Give slackware.osuosl.org a try. This is another primary FTP site for Slackware that can be considerably faster than downloading directly from ftp.slackware.com.
Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org/) for donating additional FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you.
Updated package for Slackware 8.1:
Updated package for Slackware 9.0:
Updated package for Slackware 9.1:
Updated package for Slackware 10.0:
Updated package for Slackware 10.1:
Updated package for Slackware 10.2:
Updated package for Slackware 11.0:
Updated package for Slackware 12.0:
Updated package for Slackware 12.1:
Updated package for Slackware 12.2:
Updated package for Slackware 13.0:
Updated package for Slackware x86_64 13.0:
Updated package for Slackware 13.1:
Updated package for Slackware x86_64 13.1:
Upda...

Read the Full Advisory

MD5 Signatures

Slackware 8.1 package: c78e8a6cde34015681063a3d1c40c6c1 bind-9.4.3_P5-i386-1_slack8.1.tgz
Slackware 9.0 package: 9fcb18dfc779ecc7f6d69171e398c620 bind-9.4.3_P5-i386-1_slack9.0.tgz
Slackware 9.1 package: 3eb9a4b1973b6a3a2f779a3038269a31 bind-9.4.3_P5-i486-1_slack9.1.tgz
Slackware 10.0 package: 7e11d017c1962f8ef92cfb1e9f39139b bind-9.4.3_P5-i486-1_slack10.0.tgz
Slackware 10.1 package: 4dddfb400d6d928e41c7aa4bf7339547 bind-9.4.3_P5-i486-1_slack10.1.tgz
Slackware 10.2 package: fe87668c84020ebf28b46910df71bb07 bind-9.4.3_P5-i486-1_slack10.2.tgz
Slackware 11.0 package: 639efc6a35ccee727f0177089d241857 bind-9.4.3_P5-i486-1_slack11.0.tgz
Slackware 12.0 package: 195c3bd1898d5118fe5cedfe6131e83b bind-9.4.3_P5-i486-1_slack12.0.tgz
Slackware 12.1 package: 95fc95a77a99df46d35a578e069a965b bind-9.4.3_P5-i486-1_slack12.1.tgz
Slackware 12.2 package: aa8bdaedd7b7f6f36ff22be779182ff9 bind-9.4.3_P5-i486-1_slack12.2.tgz
Slackware 13.0 package: 8d7ed3c0ae07a33aea7f506b25bec015 bind-9.4.3_P5-i486-1_slack13.0.txz
Slackware x86_64 13.0 package: bb1f6aa2682743173135776e1ff0fadd bind-9.4.3_P5-x86_64-1_slack13.0.txz
Slackware 13.1 package: c619cc02e89ba23a62dfb7726105e40e bind-9.4.3_P5-i486-1_slack13.1.txz
Slackware x86_64 13.1 package: cb61186275370d1eddc62024725f5d05 bind-9.4.3_P5-x86_64-1_slack13.1.txz
Slackware -current package: 011ae9faeb16bf6e37ed9c8cbf8bb718 n/bind-9.7.1-i486-1.txz
Slackware x86_64 -current package: e2d2e29b620581c725e68e75af7ba759 n/bind-9.7.1-x86_64-1.txz

Severity
critical
Lowest
Low
Medium
High
Critical

Topics%20covered

Topics Covered

security advisory critical bind security fix slackware cache poisoning dnssec

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Installation Instructions

Installation instructions: Upgrade the package as root: # upgradepkg bind-9.4.3_P5-i486-1_slack13.1.txz Then, restart the name server: # /etc/rc.d/rc.bind restart

Your message here