[SECURITY-L] New BIND 8 release due to remote buffer overrun

Daniela Regina Barbetti Silva daniela at ccuec.unicamp.br
Mon Jul 1 12:00:51 -03 2002


----- Forwarded message from Nelson Murilo <nelson at pangeia.com.br> -----

From: Nelson Murilo <nelson at pangeia.com.br>
Subject: [S] New BIND 8 release due to remote buffer overrun
To: seguranca at pangeia.com.br
Date: Fri, 28 Jun 2002 18:40:59 -0300

From: Mark_Andrews at isc.org


			BIND 8.2.6 Release

BIND 8.2.6 is a security release.

The recommended version to use is BIND 9.2.1.  If for whatever reason you
must run BIND 8, use nothing earlier than 8.2.6-REL, 8.3.3-REL.  Do not
under any circumstances run BIND 4.

'named' is *not* vulnerable to this security problem.

Highlights vs. 8.2.5
        Security Fix libbind.  All applications linked against libbind
        need to be relinked.

the distribution files are:

ftp://ftp.isc.org/isc/bind/src/8.2.6/bind-src.tar.gz
ftp://ftp.isc.org/isc/bind/src/8.2.6/bind-doc.tar.gz
ftp://ftp.isc.org/isc/bind/src/8.2.6/bind-contrib.tar.gz

the pgp signature files are:

ftp://ftp.isc.org/isc/bind/src/8.2.6/bind-src.tar.gz.asc
ftp://ftp.isc.org/isc/bind/src/8.2.6/bind-doc.tar.gz.asc
ftp://ftp.isc.org/isc/bind/src/8.2.6/bind-contrib.tar.gz.asc

the md5 checksums are:


Windows NT / Windows 2000 binary distribution.

	Not Available.  Upgrade to BIND 8.3.3 or BIND 9.2.1.

top of CHANGES says:

	--- 8.2.6-REL released --- (Wed Jun 26 21:15:43 PDT 2002)

1301.	[func]		log attempts to exploit #1300.

1300.   [bug]           Remote buffer overrun.

	--- 8.2.5-REL released --- (Thu Sep 27 23:41:08 PDT 2001)

-------------------------------------------------------
From Mark_Andrews at isc.org Fri Jun 28 08:25:55 2002
Date: Sat, 29 Jun 2002 00:20:53 +1000
From: Mark_Andrews at isc.org
To: bind-announce at isc.org
Subject: BIND 8.3.3 Release


			BIND 8.3.3 Release

BIND 8.3.3 is the fourth release of 8.3.  It is a maintenance release and
contains a security fix.

The recommended version to use is BIND 9.2.1.  If for whatever reason you
must run BIND 8, use nothing earlier than 8.2.6-REL, 8.3.3-REL.  Do not
under any circumstances run BIND 4.

'named' is *not* vulnerable to this security problem.

Highlights vs. 8.3.2
        Security Fix libbind. All applications linked against libbind
        need to be re-linked.
        'rndc restart' now preserves named's arguments

Highlights vs. BIND 8.3.1:
	dig, nslookup, host and nsupdate have improved IPv6 support.

Highlights vs. BIND 8.3.0:

	Critical bug fix to prevent DNS storms. If you have BIND 8.3.0 you
	need to upgrade.

the distribution files are:

ftp://ftp.isc.org/isc/bind/src/8.3.3/bind-src.tar.gz
ftp://ftp.isc.org/isc/bind/src/8.3.3/bind-doc.tar.gz
ftp://ftp.isc.org/isc/bind/src/8.3.3/bind-contrib.tar.gz

the pgp signature files are:

ftp://ftp.isc.org/isc/bind/src/8.3.3/bind-src.tar.gz.asc
ftp://ftp.isc.org/isc/bind/src/8.3.3/bind-doc.tar.gz.asc
ftp://ftp.isc.org/isc/bind/src/8.3.3/bind-contrib.tar.gz.asc

the md5 checksums are:


Windows NT / Windows 2000 binary distribution.

ftp://ftp.isc.org/isc/bind/contrib/ntbind-8.3.3/readme1st.txt
ftp://ftp.isc.org/isc/bind/contrib/ntbind-8.3.3/BIND8.3.3.zip
ftp://ftp.isc.org/isc/bind/contrib/ntbind-8.3.3/BIND8.3.3.zip.asc

ftp://ftp.isc.org/isc/bind/contrib/ntbind-8.3.3/readme1sttools.txt
ftp://ftp.isc.org/isc/bind/contrib/ntbind-8.3.3/BIND8.3.3Tools.zip
ftp://ftp.isc.org/isc/bind/contrib/ntbind-8.3.3/BIND8.3.3Tools.zip.asc

the md5 checksums are:


top of CHANGES says:

	--- 8.3.3-REL released --- (Wed Jun 26 21:15:43 PDT 2002)

1301.	[func]		log attempts to exploit #1300.

1300.	[bug]		Remote buffer overrun.

1299.	[func]		Log to xfer-in when a named-xfer fails and one of
			the masters returned REFUSED.

1298.	[bug]		named could leak an OPT record when returning a
			negative response.

1297.	[func]		'ndc restart' will now attempt to preserve the
			arguments named was started with.
			Use 'ndc restart --' to clear the arguments.
			Use 'ndc restart <new arguments>' to restart named
			with an alternate set of arguments.

1296.	[bug]		delay setting need_restart until the response to
			ndc exec has been sent.

1295.	[func]		new ndc command 'args'.  returns the arguments that
			named was started with %xx escaped.

1294.	[bug]		#1272 broke linkage for those OS's using -lfl (flex).
			Move -ll/-lfl to LIBL for all platforms.

	--- 8.3.2-REL released --- (Mon Jun 17 20:24:32 PDT 2002)








----- End forwarded message -----
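
The version guidance in the forwarded announcement (on BIND 8 nothing earlier than 8.2.6-REL or 8.3.3-REL, never BIND 4, 9.2.1 recommended) written as an inventory check. This is an added example, not part of the original message or ISC's code; the version strings are constructed samples, and treating any suffix other than -REL as a build that precedes the release is an assumption.

```python
import re

# Floors from the announcement: on BIND 8 nothing earlier than 8.2.6-REL
# (8.2 branch) or 8.3.3-REL (8.3 branch); BIND 4 never; 9.2.1 recommended.
# The fix is in libbind, so check the release an application was linked against.
BIND8_FLOORS = {2: 6, 3: 3}
RECOMMENDED = (9, 2, 1)
_VERSION_RE = re.compile(r"(\d+)\.(\d+)(?:\.(\d+))?(?:-([A-Za-z0-9]+))?")


def parse_version(text):
    """Return (major, minor, patch, tag) from a string such as 'named 8.3.2-REL'."""
    m = _VERSION_RE.search(text)
    if m is None:
        raise ValueError(f"no version number in {text!r}")
    major, minor, patch, tag = m.groups()
    return int(major), int(minor), int(patch or 0), (tag or "REL").upper()


def assess(text):
    """Classify a version string against the announcement's guidance."""
    major, minor, patch, tag = parse_version(text)
    if major == 4:
        return "reject"            # "Do not under any circumstances run BIND 4"
    if (major, minor, patch) == RECOMMENDED and tag == "REL":
        return "recommended"
    if major != 8:
        return "not-covered"       # the announcement sets no floor for this line
    if minor < 2:
        return "upgrade"           # earlier than 8.2.6 in any ordering
    floor = BIND8_FLOORS.get(minor)
    if floor is None:
        return "not-covered"       # branch newer than those named in the message
    # Assumption: any tag other than REL marks a build that precedes the release.
    if patch < floor or (patch == floor and tag != "REL"):
        return "upgrade"
    return "ok"


# Constructed sample inventory, not taken from the page.
SAMPLES = ["named 8.2.5-REL", "8.2.6-REL", "8.3.2-REL", "8.3.3-REL",
           "8.3.3-T1A", "4.9.8-REL", "9.2.1", "8.1.2"]

if __name__ == "__main__":
    for banner in SAMPLES:
        print(f"{banner:18} {assess(banner)}")
```
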




More details about the SECURITY-L mailing list