pjp Administrator
Joined: 16 Apr 2002 Posts: 20494
|
Posted: Fri Aug 16, 2002 7:24 pm Post subject: [gentoo-announce] GLSA: bind and bind-tools |
|
|
Seemant Kulleen wrote: | - -----------------------------------------------------------------------
GLSA: GENTOO LINUX SECURITY ANNOUNCEMENT
- -----------------------------------------------------------------------
PACKAGE : net-dns/bind and net-dns/bind-tools
VERSION : 9.2.1
SUMMARY : buffer overflow vulnerability
DATE : Mon Aug 12 18:52:32 UTC 2002
- -----------------------------------------------------------------------
OVERVIEW
A buffer overflow exists in bind and bind-tools versions 9.2.1 which may
allow an attacker to execute arbitrary code, if s/he controls the DNS
responses.
DETAIL
The full advisory may be found here:
http://www.kb.cert.org/vuls/id/803539
SOLUTION
It is recommended that all Gentoo Linux users who are running
net-dns/bind-9.2.1-r2 and/or net-dns/bind-9.2.1 and earlier update their
systems as follows.
emerge rsync
emerge bind (and/or emerge bind-tools)
emerge clean
- ------------------------------------------------------------------------
kevin@aptbasilicata.it
seemant@gentoo.org
drobbins@gentoo.org
- ------------------------------------------------------------------------
--
Seemant Kulleen
Developer and Project Co-ordinator,
Gentoo Linux http://www.gentoo.org/~seemant |
Mailing List Archive: http://lists.gentoo.org/pipermail/gentoo-announce/2002-August/000193.html _________________ Quis separabit? Quo animo? |
|