Slackware: 'bind' DoS
Summary
Where Find New Packages
MD5 Signatures
Installation Instructions
BIND version 8.2.2-P5 has a denial of service bug. The code intended to provide support for the transfer of compressed zone files can crash the name server. More BIND security information can be found at: By upgrading to BIND 8.2.2-P7, users can fix this problem. A new bind.tgz package is available for users of Slackware Linux 7.0, 7.1, and -current. ====================================== BIND 8.2.2-P7 AVAILABLE - (n1/bind.tgz) ====================================== The denial of service vulnerability that affects BIND 8.2.2-P5 can be fixed by upgrading to the new BIND 8.2.2-P7 package. The new bind.tgz is available in the -current branch: For verification purposes, we provide the following checksums: 16-bit "sum" checksum: 41816 1611 n1/bind.tgz 128-bit MD5 message digest: acce19918ebb3cf0159f0690e5d167ae n1/bind.tgz INSTALLATION INSTRUCTIONS FOR THE bind.tgz PACKAGE: --------------------------------------------------- Be sure to backup your name server configuration files (/etc/named.conf and the /var/named directory) for safe measure. Then stop the name server: # ndc stop Now run upgradepkg on the new BIND package: # upgradepkg bind.tgz The name server can now be restarted: # ndc start Remember, it's also a good idea to backup configuration files before upgrading packages. - Slackware Linux Security Team The Slackware Linux Project