1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 2486-1] bind9 security update

    From Florian Weimer@1:229/2 to All on Tue Jun 5 23:20:02 2012
    From: [email protected]

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-2486-1 [email protected] http://www.debian.org/security/ Florian Weimer
    June 05, 2012 http://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : bind9
    Vulnerability : denial of service
    Problem type : remote
    Debian-specific: no
    CVE ID : CVE-2012-1667

    It was discovered that BIND, a DNS server, can crash while processing
    resource records containing no data bytes. Both authoritative servers
    and resolvers are affected.

    For the stable distribution (squeeze), this problem has been fixed in
    version 1:9.7.3.dfsg-1~squeeze5.

    We recommend that you upgrade your bind9 packages.

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: http://www.debian.org/security/

    Mailing list: [email protected]
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.10 (GNU/Linux)

    iQEcBAEBAgAGBQJPznhPAAoJEL97/wQC1SS+qKYH/3Utmyv9stmMx8SxPYwa34fw iGQIxLXQRHhFVxQj1La4lFAIqm724p2mOOcxUg1uIH+i7MYF8243T4MR5TCNRLcD nD5GLpKcwUlz1IXV5/PZQsHMkeNEcEW81ez+HVN0/NhagM8Sqdb88lxMpGtBkSCn tt0vN/FL99ny44XZCo8gaC29Nh4K9U3uvjE0009d7rimDuNP9yhr6rU2rJrvaeT8 7Tl2TewiOHwLSNx1huOXv+BgH5bfoJoBMr/lmomJ005VjozW2MLgYo49Jpo055BL VvNtkECAvmTkIiESd3ss5qivUuOcbSVbPOColTVhdre2f+qOqHXXuglaehQMwzE=
    =UfVD
    -----END PGP SIGNATURE-----


    --
    To UNSUBSCRIBE, email to [email protected]
    with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]

    --- SoupGate-Win32 v1.05
    * Origin: you cannot sedate... all the things you hate (1:229/2)
  • From Geoffroy Rabouin@1:229/2 to All on Wed Jun 6 16:40:03 2012
    XPost: linux.debian.security
    From: [email protected]

    --047d7b15ae4553b64b04c1cea3bd
    Content-Type: text/plain; charset=ISO-8859-1
    Content-Transfer-Encoding: quoted-printable

    Le 5 juin 2012 23:10, "Florian Weimer" <[email protected]> a �crit :

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-2486-1 [email protected] http://www.debian.org/security/ Florian Weimer June 05, 2012 http://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : bind9
    Vulnerability : denial of service
    Problem type : remote
    Debian-specific: no
    CVE ID : CVE-2012-1667

    It was discovered that BIND, a DNS server, can crash while processing resource records containing no data bytes. Both authoritative servers
    and resolvers are affected.

    For the stable distribution (squeeze), this problem has been fixed in
    version 1:9.7.3.dfsg-1~squeeze5.

    We recommend that you upgrade your bind9 packages.

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: http://www.debian.org/security/

    Mailing list: [email protected]
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.10 (GNU/Linux)

    iQEcBAEBAgAGBQJPznhPAAoJEL97/wQC1SS+qKYH/3Utmyv9stmMx8SxPYwa34fw iGQIxLXQRHhFVxQj1La4lFAIqm724p2mOOcxUg1uIH+i7MYF8243T4MR5TCNRLcD nD5GLpKcwUlz1IXV5/PZQsHMkeNEcEW81ez+HVN0/NhagM8Sqdb88lxMpGtBkSCn tt0vN/FL99ny44XZCo8gaC29Nh4K9U3uvjE0009d7rimDuNP9yhr6rU2rJrvaeT8 7Tl2TewiOHwLSNx1huOXv+BgH5bfoJoBMr/lmomJ005VjozW2MLgYo49Jpo055BL VvNtkECAvmTkIiESd3ss5qivUuOcbSVbPOColTVhdre2f+qOqHXXuglaehQMwzE=
    =UfVD
    -----END PGP SIGNATURE-----


    --
    To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact
    [email protected]
    Archive: http://lists.debian.org/[email protected]



    --047d7b15ae4553b64b04c1cea3bd
    Content-Type: text/html; charset=ISO-8859-1
    Content-Transfer-Encoding: quoted-printable

    <div class="gmail_quote">Le 5 juin 2012 23:10, &quot;Florian Weimer&quot; &lt;<a href="mailto:[email protected]">[email protected]</a>&gt; a �crit�:<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;
    padding-left:1ex">
    -----BEGIN PGP SIGNED MESSAGE-----<br>
    Hash: SHA1<br>

    - -------------------------------------------------------------------------<br> Debian Security Advisory DSA-2486-1 � � � � � � � � � <a href="mailto:[email protected]">[email protected]</a><br>
    <a href="http://www.debian.org/security/" target="_blank">http://www.debian.org/security/</a> � � � � � � � � � � � � � �Florian Weimer<br>
    June 05, 2012 � � � � � � � � � � � � �<a href="http://www.debian.org/security/faq" target="_blank">http://www.debian.org/security/faq</a><br>
    - -------------------------------------------------------------------------<br>

    Package � � � �: bind9<br>
    Vulnerability �: denial of service<br>
    Problem type � : remote<br>
    Debian-specific: no<br>
    CVE ID � � � � : CVE-2012-1667<br>

    It was discovered that BIND, a DNS server, can crash while processing<br> resource records containing no data bytes. �Both authoritative servers<br>
    and resolvers are affected.<br>

    For the stable distribution (squeeze), this problem has been fixed in<br> version 1:9.7.3.dfsg-1~squeeze5.<br>

    We recommend that you upgrade your bind9 packages.<br>

    Further information about Debian Security Advisories, how to apply<br>
    these updates to your system and frequently asked questions can be<br>
    found at: <a href="http://www.debian.org/security/" target="_blank">http://www.debian.org/security/</a><br>

    Mailing list: <a href="mailto:[email protected]">[email protected]</a><br>
    -----BEGIN PGP SIGNATURE-----<br>
    Version: GnuPG v1.4.10 (GNU/Linux)<br>

    iQEcBAEBAgAGBQJPznhPAAoJEL97/wQC1SS+qKYH/3Utmyv9stmMx8SxPYwa34fw<br> iGQIxLXQRHhFVxQj1La4lFAIqm724p2mOOcxUg1uIH+i7MYF8243T4MR5TCNRLcD<br> nD5GLpKcwUlz1IXV5/PZQsHMkeNEcEW81ez+HVN0/NhagM8Sqdb88lxMpGtBkSCn<br> tt0vN/FL99ny44XZCo8gaC29Nh4K9U3uvjE0009d7rimDuNP9yhr6rU2rJrvaeT8<br> 7Tl2TewiOHwLSNx1huOXv+BgH5bfoJoBMr/lmomJ005VjozW2MLgYo49Jpo055BL<br> VvNtkECAvmTkIiESd3ss5qivUuOcbSVbPOColTVhdre2f+qOqHXXuglaehQMwzE=<br>
    =UfVD<br>
    -----END PGP SIGNATURE-----<br>


    --<br>
    To UNSUBSCRIBE, email to <a href="mailto:[email protected]">[email protected]</a><br>
    with a subject of &quot;unsubscribe&quot;. Trouble? Contact <a href="mailto:[email protected]">[email protected]</a><br>
    Archive: <a href="http://lists.debian.org/[email protected]" target="_blank">http://lists.debian.org/[email protected]</a><br>

    </blockquote></div>

    --047d7b15ae4553b64b04c1cea3bd--


    --
    To UNSUBSCRIBE, email to [email protected]
    with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/CA+z3=yZ+AN+AHp7jBo9dxi=sVGfoznJE_0KPXEOFGT1e8Y8thQ@mail.gmail.com

    --- SoupGate-Win32 v1.05
    * Origin: you cannot sedate... all the things you hate (1:229/2)