Gentoo Archives: gentoo-user-es

From: Seemant Kulleen <seemant@g.o>
To: gentoo-announce@g.o, gentoo-dev@××××××.oreg, gentoo-user@g.o, gentoo-security@g.o, security@×××××××××××××.com
Subject: [gentoo-user-es] [gentoo-announce] GLSA: bind and bind-tools
Date: Fri, 16 Aug 2002 04:13:11
Message-Id: 20020816021228.3c1e0264.seemant@gentoo.org
1 - -----------------------------------------------------------------------
2 GLSA: GENTOO LINUX SECURITY ANNOUNCEMENT
3 - -----------------------------------------------------------------------
4 PACKAGE : net-dns/bind and net-dns/bind-tools
5 VERSION : 9.2.1
6 SUMMARY : buffer overflow vulnerability
7 DATE : Mon Aug 12 18:52:32 UTC 2002
8 - -----------------------------------------------------------------------
9
10 OVERVIEW
11
12 A buffer overflow exists in bind and bind-tools versions 9.2.1 which may
13 allow an attacker to execute arbitrary code, if s/he controls the DNS
14 responses.
15
16 DETAIL
17
18 The full advisory may be found here:
19
20 http://www.kb.cert.org/vuls/id/803539
21
22 SOLUTION
23
24 It is recommended that all Gentoo Linux users who are running
25 net-dns/bind-9.2.1-r2 and/or net-dns/bind-9.2.1 and earlier update their
26 systems as follows.
27
28
29 emerge rsync
30 emerge bind (and/or emerge bind-tools)
31 emerge clean
32
33 - ------------------------------------------------------------------------
34 kevin@×××××××××××××.it
35 seemant@g.o
36 drobbins@g.o
37 - ------------------------------------------------------------------------
38
39
40
41 --
42 Seemant Kulleen
43 Developer and Project Co-ordinator,
44 Gentoo Linux http://www.gentoo.org/~seemant