Re: Latest BIND on Debian 8.7 (jessie) crashed due to assertion failure

2017-04-19 Thread Carlos Pizarro 
Thanks Munukd, this was the info I was looking for.

Have a great day.

On Apr 20, 2017 2:54 AM, "Mukund Sivaraman" <m...@isc.org> wrote:

Hi Carlos

On Thu, Apr 20, 2017 at 12:54:47AM -0300, Carlos Pizarro wrote:
> Today the bind9 service crashed and this were the last few log lines when
> it happened:
>
> Apr 19 20:46:23 host named[32115]: error (unexpected RCODE REFUSED)
> resolving 'heroditus.touchtype-systems.com/A/IN':
> 2400:cb00:2049:1::c629:defe#53
> Apr 19 20:46:23 host named[32115]: error (unexpected RCODE REFUSED)
> resolving 'heroditus.touchtype-systems.com/A/IN': 64.68.192.10#53
> Apr 19 20:46:23 host named[32115]: error (unexpected RCODE REFUSED)
> resolving 'heroditus.touchtype-systems.com/A/IN': 198.41.222.254#53
> Apr 19 20:46:23 host named[32115]: error (unexpected RCODE REFUSED)
> resolving 'heroditus.touchtype-systems.com/A/IN': 64.68.196.10#53
> Apr 19 20:46:24 host named[32115]: error (unexpected RCODE REFUSED)
> resolving 'heroditus.touchtype-systems.com/A/IN':
> 2400:cb00:2049:1::a29f:1835#53
> Apr 19 20:46:24 host named[32115]: error (unexpected RCODE REFUSED)
> resolving 'heroditus.touchtype-systems.com/A/IN':
> 2400:cb00:2049:1::c629:defe#53
> Apr 19 20:46:24 host named[32115]: error (unexpected RCODE REFUSED)
> resolving 'heroditus.touchtype-systems.com/A/IN': 198.41.222.254#53
> Apr 19 20:46:24 host named[32115]: resolver.c:4350: INSIST(fctx->type ==
> ((dns_rdatatype_t)dns_rdatatype_any) || fctx->type ==
> ((dns_rdatatype_t)dns_rdatatype_rrsig) || fctx->type ==
> ((dns_rdatatype_t)dns_rdatatype_sig)) failed, back trace
> Apr 19 20:46:24 host named[32115]: #0 0x7f4aebd27a00 in ??
> Apr 19 20:46:24 host named[32115]: #1 0x7f4ae9f038ea in ??
> Apr 19 20:46:24 host named[32115]: #2 0x7f4aeb5e914e in ??
> Apr 19 20:46:24 host named[32115]: #3 0x7f4ae9f25d5b in ??
> Apr 19 20:46:24 host named[32115]: #4 0x7f4ae98d6064 in ??
> Apr 19 20:46:24 host named[32115]: #5 0x7f4ae92a462d in ??
> Apr 19 20:46:24 host named[32115]: exiting (due to assertion failure)
>
> ( Same log on Pastebin https://pastebin.com/a1K0L3wJ )
>
>
> Looking at the code line where it crashed I thought that it was related
> to CVE-2016-9131 but it was patched already on this Debian build:
>
> http://metadata.ftp-master.debian.org/changelogs/main/b/
bind9/bind9_9.9.5.dfsg-9+deb8u10_changelog
>
>
> Does anyone has any insight on what may be happening? I'm trying to avoid
> backporting the newest BIND from Stretch but I would if this won't happen
> on that version but I'm unsure as changelog seems to be quite similar to
> the changelog of my version:
>
> http://metadata.ftp-master.debian.org/changelogs/main/b/
bind9/bind9_9.10.3.dfsg.P4-12.1_changelog

This should be covered by the fix for CVE-2017-3137. See the following link:

https://security-tracker.debian.org/tracker/CVE-2017-3137

Mukund
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Latest BIND on Debian 8.7 (jessie) crashed due to assertion failure

2017-04-19 Thread Carlos Pizarro 
Hello,

I'm running the latest stable BIND available on Debian 8.7:

root@host:~# named -v
BIND 9.9.5-9+deb8u10-Debian (Extended Support Version)

root@host:~# dpkg -s bind9 | grep 'Version'
Version: 1:9.9.5.dfsg-9+deb8u10

https://packages.debian.org/jessie/bind9


Today the bind9 service crashed and this were the last few log lines when
it happened:

Apr 19 20:46:23 host named[32115]: error (unexpected RCODE REFUSED)
resolving 'heroditus.touchtype-systems.com/A/IN':
2400:cb00:2049:1::c629:defe#53
Apr 19 20:46:23 host named[32115]: error (unexpected RCODE REFUSED)
resolving 'heroditus.touchtype-systems.com/A/IN': 64.68.192.10#53
Apr 19 20:46:23 host named[32115]: error (unexpected RCODE REFUSED)
resolving 'heroditus.touchtype-systems.com/A/IN': 198.41.222.254#53
Apr 19 20:46:23 host named[32115]: error (unexpected RCODE REFUSED)
resolving 'heroditus.touchtype-systems.com/A/IN': 64.68.196.10#53
Apr 19 20:46:24 host named[32115]: error (unexpected RCODE REFUSED)
resolving 'heroditus.touchtype-systems.com/A/IN':
2400:cb00:2049:1::a29f:1835#53
Apr 19 20:46:24 host named[32115]: error (unexpected RCODE REFUSED)
resolving 'heroditus.touchtype-systems.com/A/IN':
2400:cb00:2049:1::c629:defe#53
Apr 19 20:46:24 host named[32115]: error (unexpected RCODE REFUSED)
resolving 'heroditus.touchtype-systems.com/A/IN': 198.41.222.254#53
Apr 19 20:46:24 host named[32115]: resolver.c:4350: INSIST(fctx->type ==
((dns_rdatatype_t)dns_rdatatype_any) || fctx->type ==
((dns_rdatatype_t)dns_rdatatype_rrsig) || fctx->type ==
((dns_rdatatype_t)dns_rdatatype_sig)) failed, back trace
Apr 19 20:46:24 host named[32115]: #0 0x7f4aebd27a00 in ??
Apr 19 20:46:24 host named[32115]: #1 0x7f4ae9f038ea in ??
Apr 19 20:46:24 host named[32115]: #2 0x7f4aeb5e914e in ??
Apr 19 20:46:24 host named[32115]: #3 0x7f4ae9f25d5b in ??
Apr 19 20:46:24 host named[32115]: #4 0x7f4ae98d6064 in ??
Apr 19 20:46:24 host named[32115]: #5 0x7f4ae92a462d in ??
Apr 19 20:46:24 host named[32115]: exiting (due to assertion failure)

( Same log on Pastebin https://pastebin.com/a1K0L3wJ )


Looking at the code line where it crashed I thought that it was related
to CVE-2016-9131 but it was patched already on this Debian build:

http://metadata.ftp-master.debian.org/changelogs/main/b/bind9/bind9_9.9.5.dfsg-9+deb8u10_changelog


Does anyone has any insight on what may be happening? I'm trying to avoid
backporting the newest BIND from Stretch but I would if this won't happen
on that version but I'm unsure as changelog seems to be quite similar to
the changelog of my version:

http://metadata.ftp-master.debian.org/changelogs/main/b/bind9/bind9_9.10.3.dfsg.P4-12.1_changelog

Thanks, any help will be appreciated.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users