This is reproducible and should only affected in 9.7.3.
For the record, the problem has been fixed:
http://www.isc.org/software/bind/advisories/cve-2011-1910
-JP
___
bind-users mailing list
bind-users@lists.isc.org
Evan Hunt wrote:
Yes. But the problem domain has been corrected, so you won't be able to
reproduce it now.
In the interest of preventing this happening again, either by accident
(as it was in this case) or due to someone crafting a bad zone
maliciously,
we will be releasing a patch to all
On Thu, 26 May 2011, Frank Kloeker wrote:
Hi,
I using bind 9.7.3 as resolver in a slightly larger server farm with
some mail servers that use domain key validation.
If a try
# host -t TXT _adsp._domainkey.federalreserve.gov
bind dies with
May 26 19:59:02 resolv04 named[8237]:
# host -t TXT _adsp._domainkey.federalreserve.gov
bind dies with
May 26 19:59:02 resolv04 named[8237]: buffer.c:285: REQUIRE(b-used + 1
= b-length) failed
May 26 19:59:02 resolv04 named[8237]: exiting (due to assertion failure)
This is reproducible and should only affected in 9.7.3.
I using bind 9.7.3 as resolver in a slightly larger server farm with
some mail servers that use domain key validation.
If a try
# host -t TXT _adsp._domainkey.federalreserve.gov
bind dies with
May 26 19:59:02 resolv04 named[8237]: buffer.c:285: REQUIRE(b-used + 1
= b-length) failed
I using bind 9.7.3 as resolver in a slightly larger server farm with
some mail servers that use domain key validation.
We're investigating the problem.
--
Evan Hunt -- e...@isc.org
Internet Systems Consortium, Inc.
___
bind-users mailing list
Hi Frank,
At 11:33 26-05-2011, Frank Kloeker wrote:
I using bind 9.7.3 as resolver in a slightly larger server farm with
some mail servers that use domain key validation.
If a try
# host -t TXT _adsp._domainkey.federalreserve.gov
This occurs with BIND 9.8.0:
buffer.c:285: REQUIRE(b-used + 1
On 5/26/2011 2:33 PM, Frank Kloeker wrote:
Hi,
I using bind 9.7.3 as resolver in a slightly larger server farm with
some mail servers that use domain key validation.
If a try
# host -t TXT _adsp._domainkey.federalreserve.gov
bind dies with
May 26 19:59:02 resolv04 named[8237]: buffer.c:285:
I can't get my 9.8.0-P1 resolvers to crash. The response from the
federalreserve.gov servers looks strange, though:
dig +dnssec +ignore +norec federalreserve.gov soa @ns5.frb.gov
;; Warning: Message parser reports malformed message packet.
;; WARNING: Messages has 57 extra bytes at end
Hauke.
David Sparro wrote:
I had some of my 9.7.2-P3 boxes die the same way as well.
dig txt _policy._domainkey.federalreserve.gov
will trigger the crash as well.
Not all of my systems seem to be affected, though. Those that are seem
to be 100% reproducible.
Just out of curiosity - are anyone
Just out of curiosity - are anyone seeing these crashes with a BIND that
isn't doing DNSSEC validation?
Yes. But the problem domain has been corrected, so you won't be able to
reproduce it now.
In the interest of preventing this happening again, either by accident
(as it was in this case) or
I wrote:
(I've not been able to reproduce this on any non-validating server yet,
and my validating servers are running some other software at the moment -
I'll enable validation on my test systems and check if I can get them to
crash).
I've so far not been able to reproduce it on a
12 matches
Mail list logo
