Bugtraq mailing list archives
BIND 8.1.2-T3B and BIND 4.9.7-T1B (fwd)
From: jared () PUCK NETHER NET (Jared Mauch)
Date: Wed, 8 Apr 1998 21:50:21 -0400
----- Forwarded message from Bob Halley -----
From bind-workers-request () vix com Wed Apr 8 21:49:19 1998
X-Authentication-Warning: pub1.pa.vix.com: jdfalk owned process doing -bs X-Received: by pub1.pa.vix.com id QAA27049; Wed, 8 Apr 1998 16:48:38 -0700 (PDT) X-Received: from bb.rc.vix.com [204.152.187.11] by db.rc.vix.com via ESMTP id QAA03237 for <bind-workers () vix com>; Wed, 8 Apr 1998 16:48:38 -0700 (PDT) env-from (halley () vix com) X-Received: by bb.rc.vix.com; id QAA11157; Wed, 8 Apr 1998 16:48:38 -0700 (PDT) Message-Id: <199804082348.QAA11157 () bb rc vix com> To: bind-workers () vix com Subject: BIND 8.1.2-T3B and BIND 4.9.7-T1B Date: Wed, 08 Apr 1998 16:48:38 -0700 From: Bob Halley <halley () vix com> Precedence: bulk Reply-To: Bob Halley <halley () vix com> [There is text before PGP section.] BIND 8.1.2-T3B and BIND 4.9.7-T1B are now publicly available. -- Start of PGP signed section. Announcing BIND 8.1.2-T3B. If you are running BIND 8.1.1 or 8.1 you want to upgrade. Announcing BIND 4.9.7-T1B. If you are still running BIND-4 rather than BIND-8, you need the security patches contained herein. But, you should really just run BIND-8. (See below for motivation.) BIND is brought to you by the Internet Software Consortium, which provides publically available references of key portions of Internet infrastructure. The security fixes included in these releases fix a stack overrun that could occur if inverse query support was enabled, and a number of denial of service attacks where malformed packets could cause the server to crash. Both BIND 8.1.2-T3B and BIND 4.9.7-T1B are release candidates. There will be a brief public beta period to identify any remaining problems before we release the final versions of BIND 8.1.2 and BIND 4.9.7. BIND 8.1.2's changes from BIND 8.1.1 include: -> Improved security. -> Memory leaks have been plugged. -> Bug fixes. -> Updated ports, plus new ports for QNX, LynxOS, HP-UX 9.x, and HP MPE. See the README and CHANGES files in the BIND 8 source kit for full details. BIND 4.9.7's changes from BIND 4.9.6 include: -> Improved security. -> Memory leaks have been plugged. BIND 8's features over BIND 4 are too numerous to mention here, but they include: -> DNS Dynamic Updates (RFC 2136). -> DNS Change Notification (RFC 1996). -> Completely new configuration syntax (and HTML docs for same). -> Flexible, categorized logging system (blackhole lame delegations!). -> IP-address-based access control for queries, zone transfers, and updates that may be specified on a zone-by-zone basis. -> More efficient zone transfers (no fork() on outbound!). -> Improved performance for servers with thousands of zones. -> get*by*() functions can now use Sun NIS if desired/available. -> Many bug fixes, including patches for all known security holes. The release files are: BIND 8.1.2-T3B: ftp://ftp.isc.org/isc/bind/src/testing/bind-src.tar.gz source code ftp://ftp.isc.org/isc/bind/src/testing/bind-src.tar.gz.asc PGP sig ftp://ftp.isc.org/isc/bind/src/testing/bind-doc.tar.gz documentation ftp://ftp.isc.org/isc/bind/src/testing/bind-doc.tar.gz.asc PGP sig ftp://ftp.isc.org/isc/bind/src/testing/bind-contrib.tar.gz contributions ftp://ftp.isc.org/isc/bind/src/testing/bind-contrib.tar.gz.asc PGP sig BIND 4.9.7-T1B: ftp://ftp.isc.org/isc/bind/src/testing/bind-4.9.7-T1B.tar.gz whole thing ftp://ftp.isc.org/isc/bind/src/testing/bind-4.9.7-T1B.tar.gz.asc PGP sig The ".asc" files are PGP signatures for the kits, signed with the <pgpkey () isc org> key. This key has been submitted to the MIT key ring with a lot of well known signatures on it. It can also be found at <URL:http://www.isc.org/isc/> along with a lot of other ISC related material that we hope you'll glance through. Bugs may be reported by sending mail to <bind-bugs () isc org>. -- End of PGP signed section. ----- End of forwarded message from Bob Halley ----- -- Work: jared () qual net - We Make The Internet Work for Your Business 9-5pm(ET) 800 637 4424x2634 - 24x7 NOC - 800 424 3223 pgp key available via finger from jared () puck nether net
Current thread:
- Re: QW server hole Chris Evans (Apr 07)
- smtp overflows Jon Beaton (Apr 08)
- Re: QW server hole Mike Hardy (Apr 08)
- Official SummerCon Announcement X (Apr 08)
- Sun Security Bulletin #00167 Aleph One (Apr 08)
- CA-98.05 Multiple Vulnerabilities in BIND Aleph One (Apr 08)
- BIND 4.9.7 named follows symlinks, clobbers anything. Joe (Apr 10)
- Re: BIND 4.9.7 named follows symlinks, clobbers anything. Mark.Andrews () CMIS CSIRO AU (Apr 11)
- Re: BIND 4.9.7 named follows symlinks, clobbers anything. Paul A Vixie (Apr 11)
- BIND 4.9.7 named follows symlinks, clobbers anything. Joe (Apr 10)
- BIND 8.1.2-T3B and BIND 4.9.7-T1B (fwd) Jared Mauch (Apr 08)
- Temporary fix for remote exploit in qwsv kevingeo () CRUZIO COM (Apr 09)
- Temporary fix for remote exploit in qwsv [fix] kevingeo () CRUZIO COM (Apr 09)