linux, säkerhet

6027322 2001-01-29 09:07 -0800  /86 rader/ Slackware Security Team <security@SLACKWARE.COM>
Sänt av: joel@lysator.liu.se
Importerad: 2001-01-30  20:52  av Brevbäraren (som är implementerad i) Python
Extern mottagare: BUGTRAQ@SECURITYFOCUS.COM
Externa svar till: security@slackware.com
Mottagare: Bugtraq (import) <15079>
Ärende: [slackware-security] multiple vulnerabilities in bind 8.x
------------------------------------------------------------
From: Slackware Security Team <security@SLACKWARE.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
Message-ID: <Pine.LNX.4.21.0101290906120.31954-100000@bob.slackware.com>

Multiple vulnerabilities exist in the versions of BIND found in
Slackware 7.1 and -current.  Users of BIND 8.x are urged to upgrade
to 8.2.3 to fix these problems.  More information can be found on the
BIND website:

   http://www.isc.org/products/BIND/

... and in the CERT Advisory CA-2001-02 - Multiple Vulnerabilities in
BIND:

   http://www.cert.org/advisories/CA-2001-02.html

By upgrading to BIND 8.2.3, users can fix these problems.


 =================================
 BIND 8.2.3 AVAILABLE - (bind.tgz)
 =================================

  Multiple vulnerabilities have been patched in BIND.  Upgrading to
  BIND 8.2.3 addreses these vulnerabilities.  Packages available:

     For Slackware -current:
     ftp://ftp.slackware.com/pub/slackware/slackware-current/slakware/n1/bind.tgz

     For Slackware 7.1:
     ftp://ftp.slackware.com/pub/slackware/slackware-7.1/patches/packages/bind.tgz

  For verification purposes, we provide the following checksums:

     For Slackware -current:
        16-bit "sum" checksum:
        41667  1641   bind.tgz

        128-bit MD5 message digest:
        a46dd2ba74f50d0acba68ea0a38955d9  bind.tgz

     For Slackware 7.1:
        16-bit "sum" checksum:
        58057  1640   bind.tgz

        128-bit MD5 message digest:
        eaaeeea64ab3ecd1dcc33149f9ee93a9  bind.tgz


  INSTALLATION INSTRUCTIONS FOR THE bind.tgz PACKAGE:
  ---------------------------------------------------
  Be sure to backup your name server configuration files (/etc/named.conf
  and the /var/named directory) for safe measure.  Then stop the name
  server:

         # ndc stop

  Now run upgradepkg on the new BIND package:

         # upgradepkg bind.tgz

  The name server can now be restarted:

         # ndc start



Remember, it's also a good idea to backup configuration files before
upgrading packages.

- Slackware Linux Security Team
  http://www.slackware.com


+------------------------------------------------------------------------+
| HOW TO REMOVE YOURSELF FROM THIS MAILING LIST:                         |
+------------------------------------------------------------------------+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message:                                                     |
|                                                                        |
|   unsubscribe slackware-security                                       |
|                                                                        |
| You will get a confirmation message back.  Follow the instructions to  |
| complete the unsubscription.  Do not reply to this message to          |
| unsubscribe!                                                           |
+------------------------------------------------------------------------+
(6027322) --------------------------------(Ombruten)