2011年7月 6日

[installer 2865] BIND 9.6-ESV-R4-P3, 9.7.3-P3, 9.8.0-P4

BIND 9.6-ESV-R4-P3, 9.7.3-P3, 9.8.0-P4 出ています。

複数のセキュリティホールの修正版です。
http://www.isc.org/software/bind/advisories/cve-2011-2464
http://www.isc.org/software/bind/advisories/cve-2011-2465
http://www.kb.cert.org/vuls/id/142646
http://www.kb.cert.org/vuls/id/137968
http://jprs.jp/tech/security/2011-07-05-bind9-vuln-remote-packet-auth-and-recurse.html

http://jprs.jp/tech/security/2011-07-05-bind98-vuln-rpz-dname.html
http://www.jpcert.or.jp/at/2011/at110019.html
参照のこと。

☆ BIND 9.6-ESV-R4-P3
https://www.isc.org/software/bind
ftp://ftp.isc.org/isc/bind/9.6-ESV-R5b1/bind-9.6-ESV-R5b1.tar.gz

--- 9.6-ESV-R4-P3 released ---

3124. [bug] Use an rdataset attribute flag to indicate
negative-cache records rather than using rrtype 0;
this will prevent problems when that rrtype is
used in actual DNS packets. [RT #24777]

--- 9.6-ESV-R4-P2 released (withdrawn) ---

3123. [security] Change #2912 exposed a latent flaw in
dns_rdataset_totext() that could cause named to
crash with an assertion failure. [RT #24777]

☆ BIND 9.7.3-P3
https://www.isc.org/software/bind
ftp://ftp.isc.org/isc/bind/9.7.3-P3/bind-9.7.3-P3.tar.gz

--- 9.7.3-P3 released ---

3124. [bug] Use an rdataset attribute flag to indicate
negative-cache records rather than using rrtype 0;
this will prevent problems when that rrtype is
used in actual DNS packets. [RT #24777]

--- 9.7.3-P2 released (withdrawn) ---

3123. [security] Change #2912 exposed a latent flaw in
dns_rdataset_totext() that could cause named to
crash with an assertion failure. [RT #24777]


☆ BIND 9.8.0-P4
https://www.isc.org/software/bind
ftp://ftp.isc.org/isc/bind/9.8.0-P4/bind-9.8.0-P4.tar.gz

--- 9.8.0-P4 released ---

3124. [bug] Use an rdataset attribute flag to indicate
negative-cache records rather than using rrtype 0;
this will prevent problems when that rrtype is
used in actual DNS packets. [RT #24777]

--- 9.8.0-P3 released (withdrawn) ---

3126. [security] Using DNAME record to generate replacements caused
RPZ to exit with a assertion failure. [RT #23766]

3125. [security] Using wildcard CNAME records as a replacement with
RPZ caused named to exit with a assertion failure.
[RT #24715]

3123. [security] Change #2912 exposed a latent flaw in
dns_rdataset_totext() that could cause named to
crash with an assertion failure. [RT #24777]

3115. [bug] Named could fail to return requested data when
following a CNAME that points into the same zone.
[RT #24455]

----
こがよういちろう


投稿者 xml-rpc : 2011年7月 6日 13:00
役に立ちました?:
過去のフィードバック 平均:(0) 総合:(0) 投票回数:(0)
本記事へのTrackback: http://hoop.euqset.org/blog/mt-tb2006.cgi/104764
トラックバック
コメント
コメントする




画像の中に見える文字を入力してください。