2011年5月27日

[installer 2810] BIND 9.6-ESV-R4-P1, 9.7.3-P1, 9.8.0-P2

BIND 9.6-ESV-R4-P1, 9.7.3-P1, 9.8.0-P2 出ています。

おそらく簡単にキャッシュサーバをクラッシュさせることができてしまう
セキュリティホールの修正版です。
9.4 系については 9.4-ESV-R4-P1 をすぐにリリースするようです。
http://www.isc.org/software/bind/advisories/cve-2011-1910
参照のこと。

☆ BIND 9.6-ESV-R4-P1
https://www.isc.org/software/bind
ftp://ftp.isc.org/isc/bind/9.6-ESV-R5b1/bind-9.6-ESV-R5b1.tar.gz

--- 9.6-ESV-R4-P1 released ---

3121. [security] An authoritative name server sending a negative
response containing a very large RRset could
trigger an off-by-one error in the ncache code
and crash named. [RT #24650]

3120. [bug] Named could fail to validate zones listed in a DLV
that validated insecure without using DLV and had
DS records in the parent zone. [RT #24631]


☆ BIND 9.7.3-P1
https://www.isc.org/software/bind
ftp://ftp.isc.org/isc/bind/9.7.3-P1/bind-9.7.3-P1.tar.gz

--- 9.7.3-P1 released ---

3121. [security] An authoritative name server sending a negative
response containing a very large RRset could
trigger an off-by-one error in the ncache code
and crash named. [RT #24650]

3120. [bug] Named could fail to validate zones listed in a DLV
that validated insecure without using DLV and had
DS records in the parent zone. [RT #24631]


☆ BIND 9.8.0-P2
https://www.isc.org/software/bind
ftp://ftp.isc.org/isc/bind/9.8.0-P2/bind-9.8.0-P2.tar.gz

--- 9.8.0-P2 released ---

3121. [security] An authoritative name server sending a negative
response containing a very large RRset could
trigger an off-by-one error in the ncache code
and crash named. [RT #24650]

3120. [bug] Named could fail to validate zones listed in a DLV
that validated insecure without using DLV and had
DS records in the parent zone. [RT #24631]

----
こがよういちろう


投稿者 xml-rpc : 2011年5月27日 15:20
役に立ちました?:
過去のフィードバック 平均:(0) 総合:(0) 投票回数:(0)
本記事へのTrackback: http://hoop.euqset.org/blog/mt-tb2006.cgi/104044
トラックバック
コメント
コメントする




画像の中に見える文字を入力してください。