Re: [SECURITY] [DSA 2054-1] New bind9 packages fix cache poisoning

To: debian-security@lists.debian.org
Subject: Re: [SECURITY] [DSA 2054-1] New bind9 packages fix cache poisoning
From: Florian Weimer <fw@deneb.enyo.de>
Date: Wed, 09 Jun 2010 08:10:12 +0200
Message-id: <87sk4w20u3.fsf@mid.deneb.enyo.de>
In-reply-to: <87aar9z6pw.fsf@mid.deneb.enyo.de> (Florian Weimer's message of "Sat, 05 Jun 2010 19:44:17 +0200")
References: <87sk524n7t.fsf@mid.deneb.enyo.de> <87aar9z6pw.fsf@mid.deneb.enyo.de>

Two more issues with the update have been identified:

Unexpected permissions on /etc/ssl/openssl.cnf causes OpenSSL and
named to exit:
<http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584911> (We can only
try to detect this situation in BIND and print something to the log,
it is not correctable in BIND as such.)

The PID file handling is broken:
<http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=585004>
(We will restore the old location of the PID file.)

We will issue DSA-2054-2 at some point in the future.  If you have
come across additional issues, please file bug reports, so that we can
address them.

Reply to:

References:
- Re: [SECURITY] [DSA 2054-1] New bind9 packages fix cache poisoning
  - From: Florian Weimer <fw@deneb.enyo.de>

Prev by Date: Re: Some services refreshed after upgrade following DSA-2054-1?
Next by Date: Re: [DSA 205x-1] ...
Previous by thread: Re: [SECURITY] [DSA 2054-1] New bind9 packages fix cache poisoning
Next by thread: fixing CVE-2010-0395 for testing
Index(es):
- Date
- Thread