[slackware-security]  bind (SSA:2012-341-01)

New bind packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37,
14.0, and -current to fix security issues.


Here are the details from the Slackware 14.0 ChangeLog:
+--------------------------+
patches/packages/bind-9.9.2_P1-i486-1_slack14.0.txz:  Upgraded.
  IMPORTANT NOTE:  This package updates BIND from 9.7.6_P4 to
  9.8.4_P1 since the 9.7 series is no longer supported.  It is
  possible that some changes may be required to your local
  configuration.
  This release addresses some denial-of-service and other bugs.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5688
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5166
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3817
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1667
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3868
  (* Security fix *)
+--------------------------+


Where to find the new packages:
+-----------------------------+

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project!  :-)

Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.

Updated package for Slackware 12.1:
ftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/bind-9.8.4_P1-i
486-1_slack12.1.tgz

Updated package for Slackware 12.2:
ftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/bind-9.8.4_P1-i
486-1_slack12.2.tgz

Updated package for Slackware 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/bind-9.8.4_P1-i
486-1_slack13.0.txz

Updated package for Slackware x86_64 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/bind-9.8.4_P1
-x86_64-1_slack13.0.txz

Updated package for Slackware 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/bind-9.8.4_P1-i
486-1_slack13.1.txz

Updated package for Slackware x86_64 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/bind-9.8.4_P1
-x86_64-1_slack13.1.txz

Updated package for Slackware 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/bind-9.8.4_P1-
i486-1_slack13.37.txz

Updated package for Slackware x86_64 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/bind-9.8.4_P
1-x86_64-1_slack13.37.txz

Updated package for Slackware 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/bind-9.9.2_P1-i
486-1_slack14.0.txz

Updated package for Slackware x86_64 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/bind-9.9.2_P1
-x86_64-1_slack14.0.txz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/bind-9.9.2_P1-i48
6-1.txz

Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/bind-9.9.2_P1
-x86_64-1.txz


MD5 signatures:
+-------------+

Slackware 12.1 package:
2df945fd92d480df98711992180cdd70  bind-9.8.4_P1-i486-1_slack12.1.tgz

Slackware 12.2 package:
ddf762702befde00ab86cda1a5766bbd  bind-9.8.4_P1-i486-1_slack12.2.tgz

Slackware 13.0 package:
b6c9a8f1262bd39db2dd77034f58e568  bind-9.8.4_P1-i486-1_slack13.0.txz

Slackware x86_64 13.0 package:
b35c20ad9778035c7e04ef2944375608  bind-9.8.4_P1-x86_64-1_slack13.0.txz

Slackware 13.1 package:
a6b061aeb84003ea7b6ddcc157e0db65  bind-9.8.4_P1-i486-1_slack13.1.txz

Slackware x86_64 13.1 package:
54ee26b4924ab502eedfd024d83db20e  bind-9.8.4_P1-x86_64-1_slack13.1.txz

Slackware 13.37 package:
04d40ede0a96160e79767bf995469773  bind-9.8.4_P1-i486-1_slack13.37.txz

Slackware x86_64 13.37 package:
f4635df06e3c0f62f035d00e15b0f5fb  bind-9.8.4_P1-x86_64-1_slack13.37.txz

Slackware 14.0 package:
66612ea03941fc8ef5ef21409ecc6fe3  bind-9.9.2_P1-i486-1_slack14.0.txz

Slackware x86_64 14.0 package:
6f664fe7e955c0dbe806a63ad9212c00  bind-9.9.2_P1-x86_64-1_slack14.0.txz

Slackware -current package:
83bc10ca67bede66bf742a7d0ab6e628  n/bind-9.9.2_P1-i486-1.txz

Slackware x86_64 -current package:
4a539dd88ef3637eee56693c037a3dc8  n/bind-9.9.2_P1-x86_64-1.txz


Installation instructions:
+------------------------+

Upgrade the package as root:
# upgradepkg bind-9.9.2_P1-i486-1_slack14.0.txz

Then, restart the name server:

# /etc/rc.d/rc.bind restart


+-----+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com

A closer look at Mega cloud storage

Posted on 21 May 2013.  |  Once a novelty, nowadays many cloud storage services are fighting for their piece of the market in the virtual world. Mega offers 50GB of free space with great pricing on Pro accounts.

The CSO perspective on healthcare security and compliance

Posted on 20 May 2013.  |  Randall Gamby is the CSO of the Medicaid Information Service Center of New York. In this interview he discusses healthcare security and compliance challenges and offers a variety of tips.

Cyber espionage campaign uses professionally-made malware

Posted on 20 May 2013.  |  A massive cyber espionage campaign has been hitting government ministries, IT companies, academic research institutions, and more.

Ransomware adds password stealing to its arsenal

Posted on 17 May 2013.  |  Microsoft researchers are warning about a new variant of the well-known Reveton ransomware doing rounds.

IT security jobs: What's in demand and how to meet it

Posted on 15 May 2013.  |  Let's say you want a career in information security, where do you start? What credentials do you need? What are employers looking for? Read on to find some answers.