Date: Wed, 26 Nov 2003 19:11:30 -0600
From: "Jacques A. Vidrine"
To: freebsd-security@freebsd.org
Message-ID: <20031127011130.GA80820@madman.celabo.org>
Subject: HEADS-UP: BIND denial-of-service vulnerability

Hello Everyone,

ISC has released new versions of BIND 8 which address a remotely
exploitable denial-of-service vulnerability that may allow an attacker
to perform `negative cache poisoning'--- convincing a name server that
certain RRs do not exist (even though they may).

I do not know of any workaround at this time.

I have committed fixes to the RELENG_5_1 and RELENG_4_9 security
branches. Due to personal obligations this evening [*], I will likely
not update RELENG_4_8 and RELENG_4_7 until sometime tomorrow. Likewise,
the advisory will follow tomorrow. However, you can find patches at the
following URLs:

[FreeBSD -CURRENT, -STABLE, 4.9]
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-03:19/bind-836.patch
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-03:19/bind-836.patch.asc

[FreeBSD 5.1, 4.8]
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-03:19/bind-834.patch
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-03:19/bind-834.patch.asc

[FreeBSD 4.7, 4.6, 4.5, 4.4]
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-03:19/bind-833.patch
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-03:19/bind-833.patch.asc

(If you don't find them at ftp.freebsd.org, try ftp2.freebsd.org.)

I expect Doug Barton will upgrade BIND 8 in -STABLE and -CURRENT
tonight or tomorrow.

Cheers,
-- 
Jacques Vidrine   NTT/Verio SME      FreeBSD UNIX       Heimdal
nectar@celabo.org jvidrine@verio.net nectar@freebsd.org nectar@kth.se

[*] Happy Thanksgiving to those celebrating it, by the way!

----- Forwarded message from Jacques Vidrine -----

Date: Wed, 26 Nov 2003 16:54:53 -0800 (PST)
From: Jacques Vidrine
To: src-committers@FreeBSD.org, cvs-src@FreeBSD.org, cvs-all@FreeBSD.org
Subject: cvs commit: src UPDATING src/sys/conf newvers.sh src/contrib/bind Version src/contrib/bind/bin/named ns_resp.c
Message-Id: <200311270054.hAR0srnr052777@repoman.freebsd.org>

nectar      2003/11/26 16:54:53 PST

  FreeBSD src repository

  Modified files:          (Branch: RELENG_5_1)
    .                      UPDATING
    sys/conf               newvers.sh
    contrib/bind           Version
    contrib/bind/bin/named ns_resp.c
  Log:
  Correct a remote denial-of-service attack in named(8).

  Revision      Changes    Path
  1.251.2.13    +3 -0      src/UPDATING
  1.1.1.11.2.1  +1 -1      src/contrib/bind/Version
  1.1.1.11.2.1  +9 -3      src/contrib/bind/bin/named/ns_resp.c
  1.50.2.13     +1 -1      src/sys/conf/newvers.sh

----- End forwarded message -----

----- Forwarded message from Jacques Vidrine -----

Date: Wed, 26 Nov 2003 16:56:06 -0800 (PST)
From: Jacques Vidrine
To: src-committers@FreeBSD.org, cvs-src@FreeBSD.org, cvs-all@FreeBSD.org
Subject: cvs commit: src UPDATING src/sys/conf newvers.sh src/contrib/bind Version src/contrib/bind/bin/named ns_resp.c
Message-Id: <200311270056.hAR0u62k052941@repoman.freebsd.org>

nectar      2003/11/26 16:56:06 PST

  FreeBSD src repository

  Modified files:          (Branch: RELENG_4_9)
    .                      UPDATING
    sys/conf               newvers.sh
    contrib/bind           Version
    contrib/bind/bin/named ns_resp.c
  Log:
  Correct a remote denial-of-service attack in named(8).

  Revision          Changes    Path
  1.73.2.89.2.2     +12 -0     src/UPDATING
  1.1.1.3.2.9.2.1   +1 -1      src/contrib/bind/Version
  1.1.1.2.2.10.2.1  +9 -3      src/contrib/bind/bin/named/ns_resp.c
  1.44.2.32.2.2     +1 -1      src/sys/conf/newvers.sh

----- End forwarded message -----