RedHat has issued an advisory on February 21:
https://rhn.redhat.com/errata/RHSA-2013-0550.html
Upstream hasn't released a new version to fix it, but RedHat has patched it.
Mageia 2 is also affected.
CC: (none) => oe
CC: (none) => guillomovitch
Here is the ISC article for CVE-2012-5689:
https://kb.isc.org/article/AA-00855
Has this been fixed upstream yet?
Upstream has also since released 9.9.2-P2 to fix CVE-2013-2226:
https://kb.isc.org/article/AA-00871
Summary: bind new security issue CVE-2012-5689 => bind new security issues CVE-2012-5689 and CVE-2013-2226
Correction, the new CVE is CVE-2013-2266, not 2226.
Summary: bind new security issues CVE-2012-5689 and CVE-2013-2226 => bind new security issues CVE-2012-5689 and CVE-2013-2266
RedHat has issued an advisory for CVE-2013-2266 on March 28: https://rhn.redhat.com/errata/RHSA-2013-0689.html from http://lwn.net/Vulnerabilities/545189/
CVE-2012-5689 is not fixed upstream, so I committed the patch from RedHat and updated this in Cauldron. Freeze push requested.
Whiteboard: (none) => MGA2TOO
bind 9.9.2-P2 pushed in Cauldron.
Version: Cauldron => 2
Whiteboard: MGA2TOO => (none)
Updated and patched package uploaded for Mageia 2.
Assigning to QA.
Advisory:
========================
Updated bind packages fix security vulnerabilities:
A flaw was found in the DNS64 implementation in BIND when using Response Policy Zones (RPZ). If a remote attacker sent a specially-crafted query to a named server that is using RPZ rewrite rules, named could exit unexpectedly with an assertion failure. Note that DNS64 support is not enabled by default (CVE-2012-5689).
A denial of service flaw was found in the libdns library. A remote attacker could use this flaw to send a specially-crafted DNS query to named that, when processed, would cause named to use an excessive amount of memory, or possibly crash (CVE-2013-2266).
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5689
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2266
https://kb.isc.org/article/AA-00855
https://kb.isc.org/article/AA-00871
https://kb.isc.org/article/AA-00889
https://rhn.redhat.com/errata/RHSA-2013-0550.html
https://rhn.redhat.com/errata/RHSA-2013-0689.html
========================
Updated packages in core/updates_testing:
========================
bind-9.9.2.P2-1.mga2
bind-sdb-9.9.2.P2-1.mga2
bind-utils-9.9.2.P2-1.mga2
bind-devel-9.9.2.P2-1.mga2
bind-doc-9.9.2.P2-1.mga2
from bind-9.9.2.P2-1.mga2.src.rpm
Assignee: bugsquad => qa-bugs
No public PoC
Testing mga2 32
Before
------
# service named start
Starting named (via systemctl): [ OK ]
# dig @localhost mageia.org
; <<>> DiG 9.9.2-P1 <<>> @localhost mageia.org
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16857
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 3
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;mageia.org. IN A
;; ANSWER SECTION:
mageia.org. 3600 IN A 217.70.188.116
;; AUTHORITY SECTION:
mageia.org. 3600 IN NS ns1.mageia.org.
mageia.org. 3600 IN NS ns0.mageia.org.
;; ADDITIONAL SECTION:
ns0.mageia.org. 86400 IN A 212.85.158.146
ns1.mageia.org. 86400 IN A 95.142.164.207
;; Query time: 464 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Apr 4 11:34:25 2013
;; MSG SIZE rcvd: 123

After
-----
# service named restart
Restarting named (via systemctl): [ OK ]
# dig @localhost mageia.org
No regression noticed.
Whiteboard: (none) => has_procedure mga2-32-ok
Testing complete on Mageia 2 x86-64.
Could someone from the sysadmin team push the srpm bind-9.9.2.P2-1.mga2.src.rpm from Mageia 2 Core Updates Testing to Core Updates.
Advisory:
Updated bind packages fix security vulnerabilities:
A flaw was found in the DNS64 implementation in BIND when using Response Policy Zones (RPZ). If a remote attacker sent a specially-crafted query to a named server that is using RPZ rewrite rules, named could exit unexpectedly with an assertion failure. Note that DNS64 support is not enabled by default (CVE-2012-5689).
A denial of service flaw was found in the libdns library. A remote attacker could use this flaw to send a specially-crafted DNS query to named that, when processed, would cause named to use an excessive amount of memory, or possibly crash (CVE-2013-2266).
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5689
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2266
https://kb.isc.org/article/AA-00855
https://kb.isc.org/article/AA-00871
https://kb.isc.org/article/AA-00889
https://rhn.redhat.com/errata/RHSA-2013-0550.html
https://rhn.redhat.com/errata/RHSA-2013-0689.html
https://bugs.mageia.org/show_bug.cgi?id=9163
Keywords: (none) => validated_update
Whiteboard: has_procedure mga2-32-ok => has_procedure mga2-32-ok MGA2-64-OK
CC: (none) => davidwhodgins, sysadmin-bugs
Update pushed: https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0105
Status: NEW => RESOLVED
CC: (none) => tmb
Resolution: (none) => FIXED
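
The advisory in this report ties CVE-2012-5689 to named servers that run DNS64 together with RPZ rewrite rules. The check below is an added example, not part of the bug report or of the bind packages: it reports whether a named.conf has both a dns64 and a response-policy statement active. The function names and the two sample files are constructed for illustration, and include files are not followed.

```sh
# Added example; helper names and sample files are constructed for illustration.
# strip_comments FILE: print FILE without //, # and /* ... */ comments.
# Simplification: comment markers inside quoted strings are not recognised.
strip_comments() {
    awk '{
        line = $0; out = ""
        while (line != "") {
            if (in_block) {                      # still inside /* ... */
                e = index(line, "*/")
                if (e == 0) break
                line = substr(line, e + 2); in_block = 0
                continue
            }
            if (match(line, "/[*]|//|#") == 0) { out = out line; break }
            out = out substr(line, 1, RSTART - 1)
            if (substr(line, RSTART, 2) != "/*") break   # line comment
            line = substr(line, RSTART + 2); in_block = 1
        }
        print out
    }' "$1"
}

# dns64_rpz_exposed FILE: 0 if dns64 and response-policy are both active, else 1.
dns64_rpz_exposed() {
    conf=$(strip_comments "$1") || return 2
    printf '%s\n' "$conf" | grep -Eq '(^|[[:space:];{])dns64[[:space:]]' || return 1
    printf '%s\n' "$conf" |
        grep -Eq '(^|[[:space:];{])response-policy[[:space:]]*\{' || return 1
}

# Constructed sample configs (not taken from the bug report).
tmp=$(mktemp -d)
cat > "$tmp/exposed.conf" <<'EOF'
options {
    dns64 64:ff9b::/96 { clients { any; }; };   // DNS64 on
    response-policy { zone "rpz.example"; };
};
EOF
cat > "$tmp/safe.conf" <<'EOF'
options {
    /* dns64 64:ff9b::/96 { clients { any; }; };
       disabled until bind is updated */
    response-policy { zone "rpz.example"; };    # RPZ only
};
EOF
for f in "$tmp/exposed.conf" "$tmp/safe.conf"; do
    if dns64_rpz_exposed "$f"; then echo "$f: dns64 and response-policy both set"
    else echo "$f: not both set"; fi
done
```

A server flagged by this check still needs the updated bind package; the check only tells you which hosts to prioritise.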