Re: CERT Advisory CA-2002-19 Buffer Overflow in Multiple DNS Resolver Libraries
On Mon, 1 Jul 2002 13:02:34 +0100
Sam Vilain <sam@vilain.net> wrote:
> "J.H.M. Dassen (Ray)" <dm@zensunni.demon.nl> wrote:
>
> > > Does anyone know if this affects Debian?
> > This has been fixed; see http://bugs.debian.org/151342 for details.
>
> Excellent. To summarise that bug report for the benefit of those
> interested, if you are running any of the following packages:
>
> bind9 bind9-host libbind-dev libdns5 libisc4
> liblwres1 libisccc0 ibisccfg0 dnsutils lwresd
>
> They should be version 9.2.1-3 or higher, which were uploaded to unstable
> approximately 6 hours ago (Mon, 1 Jul 2002 00:16:31 -0600).
>
> bind 8 is also vulnerable (see http://bugs.debian.org/151247)
>
> If you are running any of the the following packages:
>
> bind bind-dev
>
> Then you need version 8.3.3-1 or higher, which were uploaded to unstable
> approximately 12 hours ago (Sun, 30 Jun 2002 21:48:10 -0600).
>
> The fixed packages do not appear to be available yet on
> security.debian.org
>
> Cheers,
Hi
With bind: 9_9.2.1-3.diff.gz, bind9_9.2.1-3.dsc from incoming.debian.org and the bind*.tar from pool dpkg-source and dpkg-buildpackage built me the packages today for i386.
regards dominik
--
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: