Alerts This Week
Warning Icon 1 562
Alerts This Week
Warning Icon 1 562

Slackware: 2014-028-01 Critical: Bind Security Update for Multiple Versions

slackware
Calendar Grey January 28, 2014
Dist Slackware Esm H88
Recent updates for bind packages have been made available across several Slackware versions to address a significant flaw that results in server failures.
New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue

Summary

Here are the details from the Slackware 14.1 ChangeLog: patches/packages/bind-9.9.4_P2-i486-1_slack14.1.txz: Upgraded. This update fixes a defect in the handling of NSEC3-signed zones that can cause BIND to be crashed by a specific set of queries. NOTE: According to the second link below, Slackware is probably not vulnerable since we aren't using glibc-2.18 yet. Might as well fix it anyway, though. For more information, see: https://kb.isc.org/docs/aa-01078 https://kb.isc.org/docs/aa-01085 https://www.cve.org/CVERecord?id=CVE-2014-0591 (* Security fix *)

Topics%20covered

Topics Covered

security advisory security issue bind package update critical fix Slackware server crash

Where Find New Packages

Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org/) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you.
Updated package for Slackware 13.0:
Updated package for Slackware x86_64 13.0:
Updated package for Slackware 13.1:
Updated package for Slackware x86_64 13.1:
Updated package for Slackware 13.37:
Updated package for Slackware x86_64 13.37:
Updated package for Slackware 14.0:
Updated package for Slackware x86_64 14.0:
Updated package for Slackware 14.1:
Updated package for Slackware x86_64 14.1:
Updated package for Slackware -current:
Updated package for Slackware x86_64 -current:

MD5 Signatures

Slackware 13.0 package: 2eb36dc7349e44def91cc6db6ae5d658 bind-9.8.6_P2-i486-1_slack13.0.txz
Slackware x86_64 13.0 package: 6099d08cabf1d1a6b0b9a31a95262f5a bind-9.8.6_P2-x86_64-1_slack13.0.txz
Slackware 13.1 package: 110e34375d7b09a786d0736165326971 bind-9.8.6_P2-i486-1_slack13.1.txz
Slackware x86_64 13.1 package: abff31deaf043c2a2642a8b5a9e9e796 bind-9.8.6_P2-x86_64-1_slack13.1.txz
Slackware 13.37 package: 99a5ca5fd966b94814ad608eb9ee1568 bind-9.8.6_P2-i486-1_slack13.37.txz
Slackware x86_64 13.37 package: 0d90e03e8a39bfc6ba680b6843e8f639 bind-9.8.6_P2-x86_64-1_slack13.37.txz
Slackware 14.0 package: b7228e1c2731026c37328d3a4ec00ef0 bind-9.9.4_P2-i486-1_slack14.0.txz
Slackware x86_64 14.0 package: b8413da93120bc47e4621af9ca0c4c2a bind-9.9.4_P2-x86_64-1_slack14.0.txz
Slackware 14.1 package: 12fc3019f0b06f5ee1839c6ab6fdb360 bind-9.9.4_P2-i486-1_slack14.1.txz
Slackware x86_64 14.1 package: 3fd4de6656f6f5d3547040947924055e bind-9.9.4_P2-x86_64-1_slack14.1.txz
Slackware -current package: 3384fcc477802f13d716ff77146bd1d0 n/bind-9.9.4_P2-i486-1.txz
Slackware x86_64 -current package: ab16e27bf2916175598afe60059ccfb1 n/bind-9.9.4_P2-x86_64-1.txz

Severity
critical
Lowest
Low
Medium
High
Critical

Topics%20covered

Topics Covered

security advisory security issue bind package update critical fix Slackware server crash

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Installation Instructions

Installation instructions: Upgrade the package as root: # upgradepkg bind-9.9.4_P2-i486-1_slack14.1.txz Then, restart the name server: # /etc/rc.d/rc.bind restart

Related News

Your message here