[LWN Logo]
[LWN.net]
From:	 tsl@trustix.com
To:	 tsl-announce@trustix.org
Subject: TSLSA-2001-0007: bind
Date:	 Fri, 25 May 2001 15:07:15 +0200
Cc:	 bugtraq@securityfocus.com, linuxlist@securityportal.com


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Trustix Secure Linux Security Advisory #2001-0007

Package name:      bind
Severity:          No new security bugs since 8.2.3, but generally a good idea
Date:              2001-05-25
Affected versions: TSL 1.01, 1.1, 1.2

- --------------------------------------------------------------------------

Problem description:
    If you are running a version prior to 8.2.3, you will want to upgrade
    for security reasons.  If you are already running 8.2.3, this is from
    the announce:

    Highlights vs. BIND 8.2.3:

        Fixes long-standing protocol incompatibility in DNSSEC support.
        Avoids fwd'ing to root name servers if response will be rejected.
        new port/cygwin contributed by s_c_biggs@bigfoot.com.
        new contrib/mdnkit (V1.3) from author.
        new contrib/adm from official ftp site.
        new contrib/host from author.
        new contrib/dnsp from author.
        fixed file descriptor leak in resolver.
        numerous portability improvements.
        numerous bug fixes.

Action:
  We recommend that all systems with this package installed are upgraded.
  If you do not need the functionality provided by this package, you may
  want to remove it from your system.


Location:
  All TSL updates are available from
  <URI:http://www.trustix.net/pub/Trustix/updates/>
  <URI:ftp://ftp.trustix.net/pub/Trustix/updates/>


Automatic updates:
  Users of the SWUP tool, can enjoy having updates automatically
  installed using 'swup --upgrade'.

  Get SWUP from:
  <URI:ftp://ftp.trustix.net/pub/Trustix/software/swup/>


Questions?
  Check out our mailing lists:
  <URI:http://www.trustix.net/support/>


Verification:
  This advisory along with all TSL packages are signed with the TSL sign key.
  This key available from:
  <URI:http://www.trustix.net/TSL-GPG-KEY>

  The advisory itself is available from the errata page at
  <URI:http://www.trustix.net/errata/trustix-1.2/>
  or directly at
  <URI:http://www.trustix.net/errata/misc/2001/TSL-2001-0007-bind.asc.txt>

MD5sums of the packages:
- --------------------------------------------------------------------------
3f6c750faf40ee6bce3526fdf98a4f61  ./1.2/SRPMS/bind-8.2.4-1tr.src.rpm
b0d75d6d01ffd209aea7facd1df21b96  ./1.2/RPMS/bind-8.2.4-1tr.i586.rpm
f79ebe16e479017eaf9c35895f46e9b2  ./1.2/RPMS/bind-devel-8.2.4-1tr.i586.rpm
5f6ca0322140b1693322064527de5980  ./1.2/RPMS/bind-utils-8.2.4-1tr.i586.rpm
aa954af954dec1febfbfb173259d4b36  ./1.1/RPMS/bind-8.2.4-1tr.i586.rpm
69417313c7b0c37efb0c62d94a5176e1  ./1.1/RPMS/bind-devel-8.2.4-1tr.i586.rpm
90cbfd8dcdb700cb180523f1d6102749  ./1.1/RPMS/bind-utils-8.2.4-1tr.i586.rpm
3f6c750faf40ee6bce3526fdf98a4f61  ./1.1/SRPMS/bind-8.2.4-1tr.src.rpm
- --------------------------------------------------------------------------


Trustix Security Team
 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.5 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE7Dk0LwRTcg4BxxS0RAnhYAJ0UqgLTTKQaL3gpk3x7iiuJcwHSHQCdEV2c
xB5BV8nk8gwBPbJB9DEh1eg=
=qSv+
-----END PGP SIGNATURE-----
-- 
Trustix Secure Linux Advisor
Homepage:           http://www.trustix.net/
Errata:             http://www.trustix.net/errata/
Automatic updates:  http://www.trustix.net/pub/Trustix/software/swup/

_______________________________________________
tsl-announce mailing list
tsl-announce@trustix.org
http://www.trustix.org/mailman/listinfo.cgi/tsl-announce