Slackware Linux ProjectSSA-2022-080-01[slackware-security] Slackware 15.0 bind
6.8 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.002 Low
EPSS
Percentile
56.3%
New bind packages are available for Slackware 15.0, since the previous patch
mistakenly moved to a newer BIND branch. These packages do not fix any security
issues that weren’t already fixed in the bind-9.18.1 packages, which have been
moved into /testing, but the BIND 9.16 LTS version is the correct one for
Slackware 15.0.
Here are the details from the Slackware 15.0 ChangeLog:
patches/packages/bind-9.16.27-i586-1_slack15.0.txz: Upgraded.
Sorry folks, I had not meant to bump BIND to the newer branch. I’ve moved
the other packages into /testing. Thanks to Nobby6 for pointing this out.
This update fixes bugs and the following security issues:
A synchronous call to closehandle_cb() caused isc__nm_process_sock_buffer()
to be called recursively, which in turn left TCP connections hanging in the
CLOSE_WAIT state blocking indefinitely when out-of-order processing was
disabled.
The rules for acceptance of records into the cache have been tightened to
prevent the possibility of poisoning if forwarders send records outside
the configured bailiwick.
For more information, see:
https://vulners.com/cve/CVE-2022-0396
https://vulners.com/cve/CVE-2021-25220
(* Security fix *)
testing/packages/bind-9.18.1-i586-1_slack15.0.txz: Moved.
Where to find the new packages:
Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)
Also see the “Get Slack” section on http://slackware.com for
additional mirror sites near you.
Updated package for Slackware 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/bind-9.16.27-i586-1_slack15.0.txz
Updated package for Slackware x86_64 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/bind-9.16.27-x86_64-1_slack15.0.txz
MD5 signatures:
Slackware 15.0 package:
cb7677e69257e3e6fdb37b2c2d2055a6 bind-9.16.27-i586-1_slack15.0.txz
Slackware x86_64 15.0 package:
629150da7488246c739456e332d5b8e6 bind-9.16.27-x86_64-1_slack15.0.txz
Installation instructions:
Upgrade the package as root:
> upgradepkg bind-9.16.27-i586-1_slack15.0.txz
Then, restart the name server:
> /etc/rc.d/rc.bind restart
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Slackware | 15.0 | i586 | bind | < 9.16.27 | bind-9.16.27-i586-1_slack15.0.txz |
| Slackware | 15.0 | x86_64 | bind | < 9.16.27 | bind-9.16.27-x86_64-1_slack15.0.txz |
Related
6.8 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.002 Low
EPSS
Percentile
56.3%