[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [SECURITY] [DSA 1172-1] New bind9 packages fix denial of service

Hello Sirs,

A quick bug report for the list. Can someone second this behaviour?
This package created a new group 'bind' and uses this for access to the pid file (as defined in the init.d script).
But on my (upgraded from woody) - sarge install bind and not in the bind group so it failed with:
Sep 9 00:28:15 stan named[5638]: couldn't open pid file '/var/run/bind/run/named.pid': Permission denied 
Sep  9 00:28:15 stan named[5638]: exiting (due to early fatal error)

I just had to change the 'bind' users group to the new bind group.

Dave,
--
David Broome   Sr. Programmer Analyst @ FineArts.UVic.CA  /BSc
250.721-6307   dbroome@uvic.ca          FIA 221


Quoting Martin Schulze <joey@infodrom.org>:


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 1172-1                    security@debian.org
http://www.debian.org/security/                             Martin Schulze
September 9th, 2006                     http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : bind9
Vulnerability  : programming error
Problem type   : remote
Debian-specific: no
CVE IDs        : CVE-2006-4095 CVE-2006-4096
CERT advisories: VU#697164 VU#915404
Reply to: