Summary: | <net-dns/bind-9.7.3_p1: RRSIG RRsets negative lookup DoS (CVE-2011-1910) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Alex Legler (RETIRED) <a3li> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | alexanderyt, idl0r |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.isc.org/software/bind/advisories/cve-2011-1910 | ||
Whiteboard: | B3 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Alex Legler (RETIRED)
2011-05-27 09:01:52 UTC
I just added 9.7.3_p1 and 9.8.0_p2. Arches, please test and mark stable: =net-dns/bind-9.7.3_p1 Target keywords : "alpha amd64 arm hppa ia64 ppc ppc64 s390 sh sparc x86" >>> Preparing source in /tmp/portage/net-dns/bind-9.7.3_p1/work/bind-9.7.3-P1 ...
* Applying bind-dlzmysql5-reconnect.patch ...
[ ok ]
* Cannot find $EPATCH_SOURCE! Value for $EPATCH_SOURCE is:
*
* /usr/portage/net-dns/bind/files/bind-9.7.3_p1-odbc-dlz-detect.patch
* ( bind-9.7.3_p1-odbc-dlz-detect.patch )
* ERROR: net-dns/bind-9.7.3_p1 failed (prepare phase):
* Cannot find $EPATCH_SOURCE!
*
* Call stack:
* ebuild.sh, line 56: Called src_prepare
* environment, line 3280: Called epatch '/usr/portage/net-dns/bind/files/bind-9.7.3_p1-odbc-dlz-detect.patch
Fixed in CVS, sorry. looks ok on my server. amd64 done x86 stable alpha/arm/ia64/s390/sh/sparc stable ppc/ppc64 stable Stable for HPPA. Thanks, everyone. GLSA Vote: yes. CVE-2011-1910 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1910): Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x before 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service (assertion failure and daemon exit) via a negative response containing large RRSIG RRsets. Vote: YES. Added to pending GLSA request. This issue was resolved and addressed in GLSA 201206-01 at http://security.gentoo.org/glsa/glsa-201206-01.xml by GLSA coordinator Stefan Behte (craig). |