2010年1月20日

[installer 2213] Re: BIND 9.6.1-P3, 9.5.2-P2, 9.4.3-P5

(Wed, 20 Jan 2010 10:26:20 +0900 (JST))
Koga Youichirou <y-koga@xxxxx>:
> BIND 9.6.1-P3, 9.5.2-P2, 9.4.3-P5 出ています。
>
> キャッシュポイズニングぜい弱性の修正版です。

DNSSEC の検証を有効にしている場合限定のようです。

https://www.isc.org/advisories/CVE-2009-4022v6
https://www.isc.org/advisories/CVE-2010-0097
参照のこと。

> ☆ BIND 9.6.1-P3
> https://www.isc.org/software/bind
> ftp://ftp.isc.org/isc/bind9/9.6.1-P3/bind-9.6.1-P3.tar.gz
>
> --- 9.6.1-P3 released ---
>
> 2831. [security] Do not attempt to validate or cache
> out-of-bailiwick data returned with a secure
> answer; it must be re-fetched from its original
> source and validated in that context. [RT #20819]
>
> 2828. [security] Cached CNAME or DNAME RR could be returned to clients
> without DNSSEC validation. [RT #20737]
>
> 2827. [security] Bogus NXDOMAIN could be cached as if valid. [RT #20712]
>
>
> ☆ BIND 9.5.2-P2
> https://www.isc.org/software/bind
> ftp://ftp.isc.org/isc/bind9/9.5.2-P2/bind-9.5.2-P2.tar.gz
>
> --- 9.5.2-P2 released ---
>
> 2831. [security] Do not attempt to validate or cache
> out-of-bailiwick data returned with a secure
> answer; it must be re-fetched from its original
> source and validated in that context. [RT #20819]
>
> 2828. [security] Cached CNAME or DNAME RR could be returned to clients
> without DNSSEC validation. [RT #20737]
>
> 2827. [security] Bogus NXDOMAIN could be cached as if valid. [RT #20712]
>
>
> ☆ BIND 9.4.3-P5
> https://www.isc.org/software/bind
> ftp://ftp.isc.org/isc/bind9/9.4.3-P5/bind-9.4.3-P5.tar.gz
>
> --- 9.4.3-P5 released ---
>
> 2831. [security] Do not attempt to validate or cache
> out-of-bailiwick data returned with a secure
> answer; it must be re-fetched from its original
> source and validated in that context. [RT #20819]
>
> 2828. [security] Cached CNAME or DNAME RR could be returned to clients
> without DNSSEC validation. [RT #20737]
>
> 2827. [security] Bogus NXDOMAIN could be cached as if valid. [RT #20712]

----
こがよういちろう


投稿者 xml-rpc : 2010年1月20日 10:31
役に立ちました?:
過去のフィードバック 平均:(0) 総合:(0) 投票回数:(0)
本記事へのTrackback: http://hoop.euqset.org/blog/mt-tb2006.cgi/92496
トラックバック
コメント
コメントする




画像の中に見える文字を入力してください。