_______________________________________________________________________
Mandrakelinux Security Update Advisory
_______________________________________________________________________
Package name: bind
Advisory ID: MDKSA-2005:023
Date: January 26th, 2005
Affected versions: 10.1
______________________________________________________________________
Problem Description:
A vulnerability was discovered in BIND version 9.3.0 where a remote attacker may be able to cause named to exit prematurely, causing a Denial of Service due to an incorrect assumption in the validator function authvalidated().
The updated packages have been patched to prevent this problem.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0034
http://www.kb.cert.org/vuls/id/938617
______________________________________________________________________
Updated Packages:
Mandrakelinux 10.1:
2c3b0b567b122b32672834813099ace9 10.1/RPMS/bind-9.3.0-3.1.101mdk.i586.rpm
f9e226057c52236b13631ffe032f6bc2 10.1/RPMS/bind-devel-9.3.0-3.1.101mdk.i586.rpm
e6a4b508f747a26af2e98d879cb1127e 10.1/RPMS/bind-utils-9.3.0-3.1.101mdk.i586.rpm
bcfc92436972a46b3788ec38edfd45d9 10.1/SRPMS/bind-9.3.0-3.1.101mdk.src.rpm
Mandrakelinux 10.1/X86_64:
1e497338a4c775afd571157c94b7a954 x86_64/10.1/RPMS/bind-9.3.0-3.1.101mdk.x86_64.rpm
9e61bddc45238b768bc2f93948a9024b x86_64/10.1/RPMS/bind-devel-9.3.0-3.1.101mdk.x86_64.rpm
17cf2955482bc6c3523b0123ca2010d9 x86_64/10.1/RPMS/bind-utils-9.3.0-3.1.101mdk.x86_64.rpm
bcfc92436972a46b3788ec38edfd45d9 x86_64/10.1/SRPMS/bind-9.3.0-3.1.101mdk.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandrakesoft for security. You can obtain the GPG public key of the Mandrakelinux Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandrakelinux at:
http://www.mandrakesoft.com/security/advisories
If you want to report vulnerabilities, please contact
security_linux-mandrake.com
Mandrakelinux Security Update Advisory
_______________________________________________________________________
Package name: bind
Advisory ID: MDKSA-2005:023
Date: January 26th, 2005
Affected versions: 10.1
______________________________________________________________________
Problem Description:
A vulnerability was discovered in BIND version 9.3.0 where a remote attacker may be able to cause named to exit prematurely, causing a Denial of Service due to an incorrect assumption in the validator function authvalidated().
The updated packages have been patched to prevent this problem.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0034
http://www.kb.cert.org/vuls/id/938617
______________________________________________________________________
Updated Packages:
Mandrakelinux 10.1:
2c3b0b567b122b32672834813099ace9 10.1/RPMS/bind-9.3.0-3.1.101mdk.i586.rpm
f9e226057c52236b13631ffe032f6bc2 10.1/RPMS/bind-devel-9.3.0-3.1.101mdk.i586.rpm
e6a4b508f747a26af2e98d879cb1127e 10.1/RPMS/bind-utils-9.3.0-3.1.101mdk.i586.rpm
bcfc92436972a46b3788ec38edfd45d9 10.1/SRPMS/bind-9.3.0-3.1.101mdk.src.rpm
Mandrakelinux 10.1/X86_64:
1e497338a4c775afd571157c94b7a954 x86_64/10.1/RPMS/bind-9.3.0-3.1.101mdk.x86_64.rpm
9e61bddc45238b768bc2f93948a9024b x86_64/10.1/RPMS/bind-devel-9.3.0-3.1.101mdk.x86_64.rpm
17cf2955482bc6c3523b0123ca2010d9 x86_64/10.1/RPMS/bind-utils-9.3.0-3.1.101mdk.x86_64.rpm
bcfc92436972a46b3788ec38edfd45d9 x86_64/10.1/SRPMS/bind-9.3.0-3.1.101mdk.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandrakesoft for security. You can obtain the GPG public key of the Mandrakelinux Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandrakelinux at:
http://www.mandrakesoft.com/security/advisories
If you want to report vulnerabilities, please contact
security_linux-mandrake.com