===================================================================== CERT-Renater Note d'Information No. 2008/VULN373 _____________________________________________________________________ DATE : 23/09/2008 HARDWARE PLATFORM(S) : / OPERATING SYSTEM(S) : Windows running BIND versions 9.3.x, BIND versions 9.4.x, BIND versions 9.5.X. ====================================================================== http://marc.info/?l=bind-announce&m=122180244228376&w=2 http://marc.info/?l=bind-announce&m=122180244228378&w=2 http://marc.info/?l=bind-announce&m=122180376630150&w=2 ______________________________________________________________________ BIND 9.3.5-P2-W2 is now available. This is a WINDOWS-SPECIFIC update to address a denial-of-service vulnerability in the Windows code of BIND 9.3.5-P2-W1. This bug DOES NOT exist in the UNIX builds. BIND 9.3.5-P2-W2 contains security fixes: 2436. [security] win32: UDP client handler can be shutdown. [RT #18576] BIND 9.3.5-P2-W2 can be downloaded from ftp://ftp.isc.org/isc/bind9/9.3.5-P2-W2/bind-9.3.5-P2-W2.tar.gz The PGP signature of the distribution is at ftp://ftp.isc.org/isc/bind9/9.3.5-P2-W2/bind-9.3.5-P2-W2.tar.gz.asc ftp://ftp.isc.org/isc/bind9/9.3.5-P2-W2/bind-9.3.5-P2-W2.tar.gz.sha256.asc ftp://ftp.isc.org/isc/bind9/9.3.5-P2-W2/bind-9.3.5-P2-W2.tar.gz.sha512.asc The signature was generated with the ISC public key, which is available at . A binary kit for Windows XP and Windows 2003 is at ftp://ftp.isc.org/isc/bind9/9.3.5-P2-W2/BIND9.3.5-P2-W2.zip ftp://ftp.isc.org/isc/bind9/9.3.5-P2-W2/BIND9.3.5-P2-W2.debug.zip The PGP signature of the binary kit for Windows XP and Windows 2003 is at ftp://ftp.isc.org/isc/bind9/9.3.5-P2-W2/BIND9.3.5-P2-W2.zip.asc ftp://ftp.isc.org/isc/bind9/9.3.5-P2-W2/BIND9.3.5-P2-W2.zip.sha256.asc ftp://ftp.isc.org/isc/bind9/9.3.5-P2-W2/BIND9.3.5-P2-W2.zip.sha512.asc ftp://ftp.isc.org/isc/bind9/9.3.5-P2-W2/BIND9.3.5-P2-W2.debug.zip.asc ftp://ftp.isc.org/isc/bind9/9.3.5-P2-W2/BIND9.3.5-P2-W2.debug.zip.sha256.asc ftp://ftp.isc.org/isc/bind9/9.3.5-P2-W2/BIND9.3.5-P2-W2.debug.zip.sha512.asc A list of changes made since 9.3.5-P2-W1 follows. For earlier changes, see the file CHANGES in the distribution. -------- ___________________________________________________________________________ BIND 9.4.2-P2-W2 is now available. This is a WINDOWS-SPECIFIC update to address a denial-of-service vulnerability in the Windows code of BIND 9.4.2-P2-W1. This bug DOES NOT exist in the UNIX builds. BIND 9.4.2-P2-W2 contains security fixes: 2436. [security] win32: UDP client handler can be shutdown. [RT #18576] BIND 9.4.2-P2-W2 can be downloaded from ftp://ftp.isc.org/isc/bind9/9.4.2-P2-W2/bind-9.4.2-P2-W2.tar.gz The PGP signature of the distribution is at ftp://ftp.isc.org/isc/bind9/9.4.2-P2-W2/bind-9.4.2-P2-W2.tar.gz.asc ftp://ftp.isc.org/isc/bind9/9.4.2-P2-W2/bind-9.4.2-P2-W2.tar.gz.sha256.asc ftp://ftp.isc.org/isc/bind9/9.4.2-P2-W2/bind-9.4.2-P2-W2.tar.gz.sha512.asc The signature was generated with the ISC public key, which is available at . A binary kit for Windows XP and Windows 2003 is at ftp://ftp.isc.org/isc/bind9/9.4.2-P2-W2/BIND9.4.2-P2-W2.zip ftp://ftp.isc.org/isc/bind9/9.4.2-P2-W2/BIND9.4.2-P2-W2.debug.zip The PGP signature of the binary kit for Windows XP and Windows 2003 is at ftp://ftp.isc.org/isc/bind9/9.4.2-P2-W2/BIND9.4.2-P2-W2.zip.asc ftp://ftp.isc.org/isc/bind9/9.4.2-P2-W2/BIND9.4.2-P2-W2.zip.sha256.asc ftp://ftp.isc.org/isc/bind9/9.4.2-P2-W2/BIND9.4.2-P2-W2.zip.sha512.asc ftp://ftp.isc.org/isc/bind9/9.4.2-P2-W2/BIND9.4.2-P2-W2.debug.zip.asc ftp://ftp.isc.org/isc/bind9/9.4.2-P2-W2/BIND9.4.2-P2-W2.debug.zip.sha256.asc ftp://ftp.isc.org/isc/bind9/9.4.2-P2-W2/BIND9.4.2-P2-W2.debug.zip.sha512.asc A list of changes made since 9.4.2-P2-W1 follows. For earlier changes, see the file CHANGES in the distribution. -------- _______________________________________________________________________ BIND 9.5.0-P2-W2 is now available. This is a WINDOWS-SPECIFIC update to address a denial-of-service vulnerability in the Windows code of BIND 9.5.0-P2-W1. This bug DOES NOT exist in the UNIX builds. BIND 9.5.0-P2-W2 contains security fixes: 2436. [security] win32: UDP client handler can be shutdown. [RT #18576] BIND 9.5.0-P2-W2 can be downloaded from ftp://ftp.isc.org/isc/bind9/9.5.0-P2-W2/bind-9.5.0-P2-W2.tar.gz The PGP signature of the distribution is at ftp://ftp.isc.org/isc/bind9/9.5.0-P2-W2/bind-9.5.0-P2-W2.tar.gz.asc ftp://ftp.isc.org/isc/bind9/9.5.0-P2-W2/bind-9.5.0-P2-W2.tar.gz.sha256.asc ftp://ftp.isc.org/isc/bind9/9.5.0-P2-W2/bind-9.5.0-P2-W2.tar.gz.sha512.asc The signature was generated with the ISC public key, which is available at . A binary kit for Windows XP and Windows 2003 is at ftp://ftp.isc.org/isc/bind9/9.5.0-P2-W2/BIND9.5.0-P2-W2.zip ftp://ftp.isc.org/isc/bind9/9.5.0-P2-W2/BIND9.5.0-P2-W2.debug.zip The PGP signature of the binary kit for Windows XP and Windows 2003 is at ftp://ftp.isc.org/isc/bind9/9.5.0-P2-W2/BIND9.5.0-P2-W2.zip.asc ftp://ftp.isc.org/isc/bind9/9.5.0-P2-W2/BIND9.5.0-P2-W2.zip.sha256.asc ftp://ftp.isc.org/isc/bind9/9.5.0-P2-W2/BIND9.5.0-P2-W2.zip.sha512.asc ftp://ftp.isc.org/isc/bind9/9.5.0-P2-W2/BIND9.5.0-P2-W2.debug.zip.asc ftp://ftp.isc.org/isc/bind9/9.5.0-P2-W2/BIND9.5.0-P2-W2.debug.zip.sha256.asc ftp://ftp.isc.org/isc/bind9/9.5.0-P2-W2/BIND9.5.0-P2-W2.debug.zip.sha512.asc A list of changes made since 9.5.0-P2-W1 follows. For earlier changes, see the file CHANGES in the distribution. -------- ====================================================================== ========================================================= Les serveurs de référence du CERT-Renater http://www.urec.fr/securite http://www.cru.fr/securite http://www.renater.fr ========================================================= + CERT-RENATER | tel : 01-53-94-20-44 + + 151 bd de l'Hopital | fax : 01-53-94-20-41 + + 75013 Paris | email: certsvp@renater.fr + =========================================================