CVE-2013-3919 [was Re: resolver.c:4858: fatal error]
On 6/4/13 1:06 AM, Stas Pirogov wrote:
> Hello,
>
> since upgrading our binds to 9.9.3 (from 9.9.2-P2) I've got the following
> crash a couple of times in the last 3 days:
>
> 04-Jun-2013 08:33:09.531 general: critical: resolver.c:4858: fatal error:
> 04-Jun-2013 08:33:09.531 general: critical: RUNTIME_CHECK(tresult == 0) failed
> 04-Jun-2013 08:33:09.531 general: critical: exiting (due to fatal error in library)
>
> We're running various versions of CentOS. This happened on both 5.3 and 5.5.
>
> Please advise

Congratulations, you have discovered a bug in BIND 9.9.3, 9.8.5, and 9.6-ESV-R9.

After analyzing it and concluding that the defect was potentially usable as a denial-of-service vector, our software developers have produced an emergency patch release which has been announced on the bind-announce mailing list.

New versions of BIND are available to replace 9.9.3, 9.8.5, and 9.6-ESV-R9. Because the bug was introduced in the beta cycle for the most recent set of maintenance releases, the versions listed above are the only release versions of BIND affected. They are replaced by:

  9.9.3-P1
  9.8.5-P1
  9.6-ESV-R9-P1

all of which can be found on the ISC ftp site, ftp://ftp.isc.org/isc/bind9

Michael McNally
ISC Support

___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: CVE-2013-3919 [was Re: resolver.c:4858: fatal error]
Can you / ISC confirm that authoritative only (recursion no) are not affected?

The implication from the advisory is that they are not, but explicit confirmation would be nice...

Warren Kumari
--
Please excuse typing, etc -- This was sent from a device with a tiny keyboard.

On Jun 4, 2013, at 7:04 PM, Michael McNally mcna...@isc.org wrote:
> On 6/4/13 1:06 AM, Stas Pirogov wrote:
> > Hello,
> >
> > since upgrading our binds to 9.9.3 (from 9.9.2-P2) I've got the following
> > crash a couple of times in the last 3 days:
> >
> > 04-Jun-2013 08:33:09.531 general: critical: resolver.c:4858: fatal error:
> > 04-Jun-2013 08:33:09.531 general: critical: RUNTIME_CHECK(tresult == 0) failed
> > 04-Jun-2013 08:33:09.531 general: critical: exiting (due to fatal error in library)
> >
> > We're running various versions of CentOS. This happened on both 5.3 and 5.5.
> >
> > Please advise
>
> Congratulations, you have discovered a bug in BIND 9.9.3, 9.8.5, and 9.6-ESV-R9.
>
> After analyzing it and concluding that the defect was potentially usable as a
> denial-of-service vector, our software developers have produced an emergency
> patch release which has been announced on the bind-announce mailing list.
>
> New versions of BIND are available to replace 9.9.3, 9.8.5, and 9.6-ESV-R9.
> Because the bug was introduced in the beta cycle for the most recent set of
> maintenance releases, the versions listed above are the only release versions
> of BIND affected. They are replaced by:
>
>   9.9.3-P1
>   9.8.5-P1
>   9.6-ESV-R9-P1
>
> all of which can be found on the ISC ftp site, ftp://ftp.isc.org/isc/bind9
>
> Michael McNally
> ISC Support

Re: CVE-2013-3919 [was Re: resolver.c:4858: fatal error]
In message 3fc34ff5-e0be-4a64-a2fb-dce6025e4...@kumari.net, Warren Kumari writes:
> Can you / ISC confirm that authoritative only (recursion no) are not affected?
>
> The implication from the advisory is that they are not, but explicit
> confirmation would be nice...
>
> Warren Kumari
> --
> Please excuse typing, etc -- This was sent from a device with a tiny keyboard.

Authoritative servers make queries as a side effect of normal processing. The answers to those queries (excluding refresh queries) are processed the same way as recursive queries are processed.

So yes, authoritative servers are vulnerable.

Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742
INTERNET: ma...@isc.org
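
Added example, not part of the thread and not ISC code: a log triage sketch that finds the three-line crash signature quoted in the original report and maps an affected release to the replacement named in the ISC reply. The function names, the open resolver.c line number and the first two sample lines are assumptions made for illustration.

```python
import re
from datetime import datetime

# Affected release -> replacement, as listed in the ISC reply in this thread.
FIXED_IN = {"9.9.3": "9.9.3-P1", "9.8.5": "9.8.5-P1", "9.6-ESV-R9": "9.6-ESV-R9-P1"}

# "<date> <time> <category>: <severity>: <message>", the layout of the quoted log lines.
LINE = re.compile(r"^(\d{2}-[A-Za-z]{3}-\d{4} \d{2}:\d{2}:\d{2}\.\d{3}) ([\w-]+): (\w+): (.*)$")
# The three critical messages from the report, in order. The resolver.c line number
# is left open (assumption: it may differ on the other affected branches).
SIGNATURE = (
    re.compile(r"resolver\.c:\d+: fatal error:"),
    re.compile(r"RUNTIME_CHECK\(tresult == 0\) failed"),
    re.compile(r"exiting \(due to fatal error in library\)"),
)

def find_crashes(lines):
    """Return a datetime for each complete three-line crash signature."""
    crashes, step, start = [], 0, None
    for raw in lines:
        m = LINE.match(raw.strip())
        if not m or m.group(3) != "critical":
            continue  # other severities may interleave; they do not reset the match
        ts, msg = m.group(1), m.group(4)
        if not SIGNATURE[step].match(msg):
            step = 0  # sequence broken; this line may still start a new one
        if SIGNATURE[step].match(msg):
            start = ts if step == 0 else start
            step += 1
        if step == len(SIGNATURE):
            crashes.append(datetime.strptime(start, "%d-%b-%Y %H:%M:%S.%f"))
            step = 0
    return crashes

def replacement_for(version):
    """Map a version string such as 'BIND 9.9.3' to its patched release, else None."""
    tokens = [t for t in version.split() if t != "BIND"]
    return FIXED_IN.get(tokens[0]) if tokens else None

# Sample input: the first two lines are constructed, the last three are from the report.
SAMPLE = """\
04-Jun-2013 08:30:00.000 general: critical: resolver.c:4858: fatal error:
04-Jun-2013 08:30:00.001 general: info: constructed unrelated message
04-Jun-2013 08:33:09.531 general: critical: resolver.c:4858: fatal error:
04-Jun-2013 08:33:09.531 general: critical: RUNTIME_CHECK(tresult == 0) failed
04-Jun-2013 08:33:09.531 general: critical: exiting (due to fatal error in library)
""".splitlines()

if __name__ == "__main__":
    print(find_crashes(SAMPLE), replacement_for("BIND 9.9.3"))
```

Per Mark Andrews' reply above, the check applies to authoritative-only servers as well as recursive ones.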