Date: Mon, 29 Jan 2001 09:07:59 -0800
From: Slackware Security Team <[email protected]>
To: [email protected]Subject: [slackware-security] multiple vulnerabilities in bind 8.x
Multiple vulnerabilities exist in the versions of BIND found in Slackware
7.1 and -current. Users of BIND 8.x are urged to upgrade to 8.2.3 to fix
these problems. More information can be found on the BIND website:
http://www.isc.org/products/BIND/
... and in the CERT Advisory CA-2001-02 - Multiple Vulnerabilities in BIND:
http://www.cert.org/advisories/CA-2001-02.html
By upgrading to BIND 8.2.3, users can fix these problems.
BIND 8.2.3 AVAILABLE - (bind.tgz)
Multiple vulnerabilities have been patched in BIND. Upgrading to BIND
8.2.3 addreses these vulnerabilities. Packages available:
For Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slakware/n1/bind.tgz
For Slackware 7.1:
ftp://ftp.slackware.com/pub/slackware/slackware-7.1/patches/packages/bind.tgz
For verification purposes, we provide the following checksums:
For Slackware -current:
16-bit "sum" checksum:
41667 1641 bind.tgz
128-bit MD5 message digest:
a46dd2ba74f50d0acba68ea0a38955d9 bind.tgz
For Slackware 7.1:
16-bit "sum" checksum:
58057 1640 bind.tgz
128-bit MD5 message digest:
eaaeeea64ab3ecd1dcc33149f9ee93a9 bind.tgz
INSTALLATION INSTRUCTIONS FOR THE bind.tgz PACKAGE:
---------------------------------------------------
Be sure to backup your name server configuration files (/etc/named.conf
and the /var/named directory) for safe measure. Then stop the name
server:
# ndc stop
Now run upgradepkg on the new BIND package:
# upgradepkg bind.tgz
The name server can now be restarted:
# ndc start
Remember, it's also a good idea to backup configuration files before
upgrading packages.
- Slackware Linux Security Team
http://www.slackware.com
+------------------------------------------------------------------------+
| HOW TO REMOVE YOURSELF FROM THIS MAILING LIST: |
+------------------------------------------------------------------------+
| Send an email to [email protected] with this text in the body of |
| the email message: |
| |
| unsubscribe slackware-security |
| |
| You will get a confirmation message back. Follow the instructions to |
| complete the unsubscription. Do not reply to this message to |
| unsubscribe! |
+------------------------------------------------------------------------+