Alerts This Week
Warning Icon 1 619
Alerts This Week
Warning Icon 1 619

Slackware 14.0: SSA:2012-285-02 Urgent OpenSSL Vulnerability Patch

slackware
Calendar Grey October 11, 2012
Dist Slackware Esm H88
Latest updates for bind packages address a serious security vulnerability affecting several releases of Slackware Linux. Immediate upgrade is advised.
New bind packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix a security issue

Summary

Here are the details from the Slackware 14.0 ChangeLog: patches/packages/bind-9.9.1_P4-i486-1_slack14.0.txz: Upgraded. This update fixes a security issue where a certain combination of records in the RBT could cause named to hang while populating the additional section of a response. [RT #31090] (* Security fix *)

Topics%20covered

Topics Covered

security advisory security issue critical bind slackware service disruption

Where Find New Packages

Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org/) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you.
Updated package for Slackware 12.1:
Updated package for Slackware 12.2:
Updated package for Slackware 13.0:
Updated package for Slackware x86_64 13.0:
Updated package for Slackware 13.1:
Updated package for Slackware x86_64 13.1:
Updated package for Slackware 13.37:
Updated package for Slackware x86_64 13.37:
Updated package for Slackware 14.0:
Updated package for Slackware x86_64 14.0:
Updated package for Slackware -current:
Updated package for Slackware x86_64 -current:

MD5 Signatures

Slackware 12.1 package: 6495e00c9670abc583343ea9a0dd031e bind-9.7.6_P4-i486-1_slack12.1.tgz
Slackware 12.2 package: edfe59e933b1c4b3edbcdaac6a0ae50a bind-9.7.6_P4-i486-1_slack12.2.tgz
Slackware 13.0 package: d6e57c3ed0949b294bedcfdec8c23c6e bind-9.7.6_P4-i486-1_slack13.0.txz
Slackware x86_64 13.0 package: 589104baad05929814d3ed65b28e692b bind-9.7.6_P4-x86_64-1_slack13.0.txz
Slackware 13.1 package: 7e510942a3503addd2753636b081a028 bind-9.7.6_P4-i486-1_slack13.1.txz
Slackware x86_64 13.1 package: f46c536963e98d1b5ed50e7f7d12918f bind-9.7.6_P4-x86_64-1_slack13.1.txz
Slackware 13.37 package: 5a2eabaa9125b1048cacceed3fc20609 bind-9.7.6_P4-i486-1_slack13.37.txz
Slackware x86_64 13.37 package: 9cf37f8bd7623ce8550a95fc2f310d1a bind-9.7.6_P4-x86_64-1_slack13.37.txz
Slackware 14.0 package: 33255621e06a1e6684f5411d57a5b777 bind-9.9.1_P4-i486-1_slack14.0.txz
Slackware x86_64 14.0 package: cc53beb9960d71468ec4b13f6701254a bind-9.9.1_P4-x86_64-1_slack14.0.txz
Slackware -current package: 3b05ed629c335a98f18ab266c90169e1 n/bind-9.9.2-i486-1.txz
Slackware x86_64 -current package: 68a3911a3593e30d02f31b07f5ceb111 n/bind-9.9.2-x86_64-1.txz

Severity
critical
Lowest
Low
Medium
High
Critical

Topics%20covered

Topics Covered

security advisory security issue critical bind slackware service disruption

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Installation Instructions

Installation instructions: Upgrade the package as root: # upgradepkg bind-9.9.1_P4-i486-1_slack14.0.txz Then, restart the name server: # /etc/rc.d/rc.bind restart

Related News

Your message here