Gentoo Archives: gentoo-user-es

From: Seemant Kulleen <seemant@g.o>
To: gentoo-announce@g.o, gentoo-dev@××××××.oreg, gentoo-user@g.o, gentoo-security@g.o, security@×××××××××××××.com
Subject: [gentoo-user-es] [gentoo-announce] GLSA: bind and bind-tools
Date: Fri, 16 Aug 2002 04:13:11
Message-Id: 20020816021228.3c1e0264.seemant@gentoo.org
- -----------------------------------------------------------------------
GLSA: GENTOO LINUX SECURITY ANNOUNCEMENT
- -----------------------------------------------------------------------
PACKAGE         : net-dns/bind and net-dns/bind-tools
VERSION		: 9.2.1
SUMMARY         : buffer overflow vulnerability
DATE            : Mon Aug 12 18:52:32 UTC 2002
- -----------------------------------------------------------------------

OVERVIEW

A buffer overflow exists in bind and bind-tools versions 9.2.1  which may
allow an attacker to execute arbitrary code, if s/he controls the DNS
responses.

DETAIL

The full advisory may be found here:

http://www.kb.cert.org/vuls/id/803539

SOLUTION

It is recommended that all Gentoo Linux users who are running
net-dns/bind-9.2.1-r2 and/or net-dns/bind-9.2.1 and earlier update their
systems as follows.


emerge rsync
emerge bind  (and/or emerge bind-tools)
emerge clean

- ------------------------------------------------------------------------
kevin@×××××××××××××.it
seemant@g.o
drobbins@g.o
- ------------------------------------------------------------------------



-- 
Seemant Kulleen
Developer and Project Co-ordinator,
Gentoo Linux					http://www.gentoo.org/~seemant