[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[debian-users:49071] [Translate] [SECURITY] [DSA 1341-1] New bind9 packages fix DNS cache poisoning
かねこです。
URL 等は Debian-security-announce メーリングリストの元記事を確認
ください。
------>8------------>8------------>8------------>8------------>8-
- --------------------------------------------------------------------------
Debian Security Advisory DSA 1341-1 security@debian.org
http://www.debian.org/security/ Moritz Muehlenhoff
July 25th, 2007 http://www.debian.org/security/faq
- --------------------------------------------------------------------------
Package : bind9
Vulnerability : 設計ミス
Problem-Type : リモート
Debian-specific: いいえ
CVE ID : CVE-2007-2926
Amit Klein さんにより、BIND ネームサーバの生成する DNS クエリ ID が予測可
能なため、キャッシュ汚染攻撃に悪用可能であることが発見されました。
旧安定版 (Sarge) 向けの更新パッケージは準備中です。これについては後日提供
予定です。
安定版 (stable) ディストリビューション (etch) では、この問題はバージョン
9.3.4-2etch1 で修正されています。mips アーキテクチャ向けのパッケージはま
だ提供されていません。これについては後日提供予定です。
不安定版 (unstable) ディストリビューション (sid) では、この問題は近く修正
予定です。
直ぐに BIND パッケージをアップグレードすることを勧めます。
アップグレード手順
------------------
wget url
でファイルを取得できます。
dpkg -i file.deb
で参照されたファイルをインストールできます。
apt-get パッケージマネージャを用いている場合には、本メールのフッタ記載の
行を sources.list に加えて、
apt-get update
を実行して内部データベースを更新し、
apt-get upgrade
によって修正されたパッケージをインストールしてください。
本メールのフッタ記載の設定を自ホストの設定に加えることにより、自動更新を
行うこともできます。
Debian GNU/Linux 4.0 alias etch
- -------------------------------
ソースアーカイブ:
http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch1.dsc
Size/MD5 checksum: 758 428b3a45636c78046dbb77d9335a9973
http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch1.diff.gz
Size/MD5 checksum: 287783 47a34c979ee9db072b37e2ae0ad0bdec
http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4.orig.tar.gz
Size/MD5 checksum: 4043577 198181d47c58a0a9c0265862cd5557b0
アーキテクチャに依存しない内容:
http://security.debian.org/pool/updates/main/b/bind9/bind9-doc_9.3.4-2etch1_all.deb
Size/MD5 checksum: 186546 3ac7d54f57348ac941d5e0812ccc12f5
Alpha architecture:
http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch1_alpha.deb
Size/MD5 checksum: 322456 dfe4b93bc4f56fd5dd0d8e2d1998ad28
http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.3.4-2etch1_alpha.deb
Size/MD5 checksum: 115188 9e79109d03b06a82561bb3245d85b53c
http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.3.4-2etch1_alpha.deb
Size/MD5 checksum: 188024 9df9116f4e4d87dd6d1f310506762d05
http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.3.4-2etch1_alpha.deb
Size/MD5 checksum: 1407446 2c263eb7c5a053db9127f5bb4ea3e63a
http://security.debian.org/pool/updates/main/b/bind9/libbind9-0_9.3.4-2etch1_alpha.deb
Size/MD5 checksum: 96012 39238a7c31a2f36fcd55152cf3c3314e
http://security.debian.org/pool/updates/main/b/bind9/libdns22_9.3.4-2etch1_alpha.deb
Size/MD5 checksum: 566696 a5cb0c0f4e1935fd836d17baed691184
http://security.debian.org/pool/updates/main/b/bind9/libisc11_9.3.4-2etch1_alpha.deb
Size/MD5 checksum: 189572 8ec031302a94a02a09b0af196bd300dc
http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.3.4-2etch1_alpha.deb
Size/MD5 checksum: 97650 0075b972a1a8893cd71c66bcaaff95d4
http://security.debian.org/pool/updates/main/b/bind9/libisccfg1_9.3.4-2etch1_alpha.deb
Size/MD5 checksum: 111912 cae6cf777332ed408fd6b122198d325f
http://security.debian.org/pool/updates/main/b/bind9/liblwres9_9.3.4-2etch1_alpha.deb
Size/MD5 checksum: 115874 fc5f861aad1689c7aeba2f1f012324ba
http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.3.4-2etch1_alpha.deb
Size/MD5 checksum: 225398 f4b2582ac5d26563becd0b83e7f054ba
AMD64 architecture:
http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch1_amd64.deb
Size/MD5 checksum: 317188 4426301631236673c7501c63d7d1be64
http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.3.4-2etch1_amd64.deb
Size/MD5 checksum: 116584 8485c57afdaefb85a77c2cec61bb0b7b
http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.3.4-2etch1_amd64.deb
Size/MD5 checksum: 190490 8081ccaac50c67c51e9a49804d22e2f1
http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.3.4-2etch1_amd64.deb
Size/MD5 checksum: 1110612 dfa5a6f773e5cc985ca15b08cf868afc
http://security.debian.org/pool/updates/main/b/bind9/libbind9-0_9.3.4-2etch1_amd64.deb
Size/MD5 checksum: 95162 de0fd449293c68f17886b9fcf8aaf3e0
http://security.debian.org/pool/updates/main/b/bind9/libdns22_9.3.4-2etch1_amd64.deb
Size/MD5 checksum: 553466 7a6494a6bd042ccf5df4d99d6c5c2542
http://security.debian.org/pool/updates/main/b/bind9/libisc11_9.3.4-2etch1_amd64.deb
Size/MD5 checksum: 186922 83db82dca4032d2326be7b1bb8624d19
http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.3.4-2etch1_amd64.deb
Size/MD5 checksum: 95958 76cf006f35ab0fe0d5db1bea77902e7c
http://security.debian.org/pool/updates/main/b/bind9/libisccfg1_9.3.4-2etch1_amd64.deb
Size/MD5 checksum: 110608 099dbfa728bbd0ba230362327b96af33
http://security.debian.org/pool/updates/main/b/bind9/liblwres9_9.3.4-2etch1_amd64.deb
Size/MD5 checksum: 113880 b90a561a40975ea4cddd3f59dc2d5a6b
http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.3.4-2etch1_amd64.deb
Size/MD5 checksum: 223960 34ce7a0693aadc21ece63efc42717dc3
HP Precision architecture:
http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch1_hppa.deb
Size/MD5 checksum: 311286 ddc9ebd93f06b76792798a6a5bc01d34
http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.3.4-2etch1_hppa.deb
Size/MD5 checksum: 115332 36e51f58ed0be288c2ab066bd0e1e763
http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.3.4-2etch1_hppa.deb
Size/MD5 checksum: 187714 7ade5d593bef956f1dd7769c29f6551f
http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.3.4-2etch1_hppa.deb
Size/MD5 checksum: 1257768 dcffd2d0af9262b3b3c2d1b8166d9c65
http://security.debian.org/pool/updates/main/b/bind9/libbind9-0_9.3.4-2etch1_hppa.deb
Size/MD5 checksum: 96256 c10cd5cc0d827b485e7a6b1d06342992
http://security.debian.org/pool/updates/main/b/bind9/libdns22_9.3.4-2etch1_hppa.deb
Size/MD5 checksum: 545018 c8a2f5a0a086a858ce4ae4e9c096d28c
http://security.debian.org/pool/updates/main/b/bind9/libisc11_9.3.4-2etch1_hppa.deb
Size/MD5 checksum: 185090 039d93f2286fa4974c360745f6e7ec89
http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.3.4-2etch1_hppa.deb
Size/MD5 checksum: 96074 98b897d5f0c8ff086514d86801122d30
http://security.debian.org/pool/updates/main/b/bind9/libisccfg1_9.3.4-2etch1_hppa.deb
Size/MD5 checksum: 112556 16330ecebbd5be5dcfbfa7acb67c89aa
http://security.debian.org/pool/updates/main/b/bind9/liblwres9_9.3.4-2etch1_hppa.deb
Size/MD5 checksum: 113746 ccb0abb76e39395ec051eac5b10ab3bb
http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.3.4-2etch1_hppa.deb
Size/MD5 checksum: 216754 94ea9e9fc614f3ae44e184d4a070dee8
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch1_i386.deb
Size/MD5 checksum: 294096 a54d3779c21bc3d3ea13b8991aedd55c
http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.3.4-2etch1_i386.deb
Size/MD5 checksum: 112686 91b9f6ad1fe1d3bed4473e844060755d
http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.3.4-2etch1_i386.deb
Size/MD5 checksum: 180052 acdaa5225d7a8a46dfa018d33b85917f
http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.3.4-2etch1_i386.deb
Size/MD5 checksum: 995710 8d44e9f8b65868d201cc0593c035a0b2
http://security.debian.org/pool/updates/main/b/bind9/libbind9-0_9.3.4-2etch1_i386.deb
Size/MD5 checksum: 94040 208d791ca231d336850b8526b61dc547
http://security.debian.org/pool/updates/main/b/bind9/libdns22_9.3.4-2etch1_i386.deb
Size/MD5 checksum: 473758 f0ca4e1c62970bcdb4ca0e4fec82bd20
http://security.debian.org/pool/updates/main/b/bind9/libisc11_9.3.4-2etch1_i386.deb
Size/MD5 checksum: 168910 f1be1c9a61bb8c1a7b28a73144a0febc
http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.3.4-2etch1_i386.deb
Size/MD5 checksum: 94014 3927f50039cb5a3815d37ee60b8f0805
http://security.debian.org/pool/updates/main/b/bind9/libisccfg1_9.3.4-2etch1_i386.deb
Size/MD5 checksum: 105664 24dd5215d1eb5aabe10f68bd379dfbf5
http://security.debian.org/pool/updates/main/b/bind9/liblwres9_9.3.4-2etch1_i386.deb
Size/MD5 checksum: 109552 9211a8f796f460cb1674ad233f99f0b8
http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.3.4-2etch1_i386.deb
Size/MD5 checksum: 206122 5f581d25b7eac5d9924633c48374cfd9
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch1_ia64.deb
Size/MD5 checksum: 392704 fbb60f8a53e1df4370f6b1fa04dcaa7f
http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.3.4-2etch1_ia64.deb
Size/MD5 checksum: 125346 d7b91c0fd8c935dc80d5c2f10dfb71cd
http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.3.4-2etch1_ia64.deb
Size/MD5 checksum: 215892 d8b6b3e6a35d326074763dcb6f2a02d1
http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.3.4-2etch1_ia64.deb
Size/MD5 checksum: 1585738 f246e3455fdcc4bede6aaa4feb7e5a4c
http://security.debian.org/pool/updates/main/b/bind9/libbind9-0_9.3.4-2etch1_ia64.deb
Size/MD5 checksum: 99586 a6a90361dbe16b55fac090b6221bb2b6
http://security.debian.org/pool/updates/main/b/bind9/libdns22_9.3.4-2etch1_ia64.deb
Size/MD5 checksum: 742434 2d827017a7f76dbaae60ac1c827c7375
http://security.debian.org/pool/updates/main/b/bind9/libisc11_9.3.4-2etch1_ia64.deb
Size/MD5 checksum: 231552 8968c74dabdb69eeb4091e8a8d4b2139
http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.3.4-2etch1_ia64.deb
Size/MD5 checksum: 102034 da5aec0bfc2e2f8c659f563a8774596a
http://security.debian.org/pool/updates/main/b/bind9/libisccfg1_9.3.4-2etch1_ia64.deb
Size/MD5 checksum: 117356 99c85d5fd4b7790a8a3fbe0b66c55ce8
http://security.debian.org/pool/updates/main/b/bind9/liblwres9_9.3.4-2etch1_ia64.deb
Size/MD5 checksum: 127150 3f764e3176185b773ddfa988105dce93
http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.3.4-2etch1_ia64.deb
Size/MD5 checksum: 280214 ca7ba1f13de17522a302538390731a11
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch1_mipsel.deb
Size/MD5 checksum: 298960 386cfb4312bfed69a2ed12304609a3ed
http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.3.4-2etch1_mipsel.deb
Size/MD5 checksum: 112532 92eb6f06d4a18dca899f5d23caddea3b
http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.3.4-2etch1_mipsel.deb
Size/MD5 checksum: 179148 4ca657710b1071bac2ebd2a27ac1122c
http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.3.4-2etch1_mipsel.deb
Size/MD5 checksum: 1206278 03496e479c5e92c1e4e6bbb63c54f73b
http://security.debian.org/pool/updates/main/b/bind9/libbind9-0_9.3.4-2etch1_mipsel.deb
Size/MD5 checksum: 93742 cb50eb9cce7422e8879aa796dfdb7b8d
http://security.debian.org/pool/updates/main/b/bind9/libdns22_9.3.4-2etch1_mipsel.deb
Size/MD5 checksum: 489944 ab86bfaff22e47af0bfd3fc57c0db801
http://security.debian.org/pool/updates/main/b/bind9/libisc11_9.3.4-2etch1_mipsel.deb
Size/MD5 checksum: 173664 03c3008a5493f50b453ac239e843a5db
http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.3.4-2etch1_mipsel.deb
Size/MD5 checksum: 94564 5c1aab5f8cee9fac9e678737b5171ecc
http://security.debian.org/pool/updates/main/b/bind9/libisccfg1_9.3.4-2etch1_mipsel.deb
Size/MD5 checksum: 106766 7d53ee8d69117fdde48a1074cfdd3f1b
http://security.debian.org/pool/updates/main/b/bind9/liblwres9_9.3.4-2etch1_mipsel.deb
Size/MD5 checksum: 109844 13abaab553f3c76403b948fea9d0cc1c
http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.3.4-2etch1_mipsel.deb
Size/MD5 checksum: 210372 4bdb416e4876166765b8aa3987d8e339
PowerPC architecture:
http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch1_powerpc.deb
Size/MD5 checksum: 300740 b8f07903829e88e7dd495cb0866a1be4
http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.3.4-2etch1_powerpc.deb
Size/MD5 checksum: 113376 20cdab8f8babc1e60bcc6e34824be459
http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.3.4-2etch1_powerpc.deb
Size/MD5 checksum: 182824 7eb696a4324c5ad3f8b403a977c62c55
http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.3.4-2etch1_powerpc.deb
Size/MD5 checksum: 1169274 289ca4f005063dec3ad819896ba0afb1
http://security.debian.org/pool/updates/main/b/bind9/libbind9-0_9.3.4-2etch1_powerpc.deb
Size/MD5 checksum: 95760 ca5d0db4143552b8570c766acea14a71
http://security.debian.org/pool/updates/main/b/bind9/libdns22_9.3.4-2etch1_powerpc.deb
Size/MD5 checksum: 490474 ef3bc644324fd9293b8f132e3bdf6eef
http://security.debian.org/pool/updates/main/b/bind9/libisc11_9.3.4-2etch1_powerpc.deb
Size/MD5 checksum: 173214 49a7fec7735be2fa5143280197d2e34d
http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.3.4-2etch1_powerpc.deb
Size/MD5 checksum: 95768 6970420c1ca23d748ed7bdf9efc029e1
http://security.debian.org/pool/updates/main/b/bind9/libisccfg1_9.3.4-2etch1_powerpc.deb
Size/MD5 checksum: 108868 a0be0fc5c4c666348cc11d3502fa8a30
http://security.debian.org/pool/updates/main/b/bind9/liblwres9_9.3.4-2etch1_powerpc.deb
Size/MD5 checksum: 111876 899a074f3970c21cb97e2d0b5a3b3606
http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.3.4-2etch1_powerpc.deb
Size/MD5 checksum: 206322 24bce060644edb83c85a83e1c0d81087
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch1_s390.deb
Size/MD5 checksum: 331352 1d686878f52e8d8a3a1a10dd5d1eeae2
http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.3.4-2etch1_s390.deb
Size/MD5 checksum: 117686 53039a718a231df07de1020ae4062d04
http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.3.4-2etch1_s390.deb
Size/MD5 checksum: 194230 4fefe9085f9c27fd11f63b944ebe1583
http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.3.4-2etch1_s390.deb
Size/MD5 checksum: 1138900 d511892e9f7b30f034d30d9b10722f67
http://security.debian.org/pool/updates/main/b/bind9/libbind9-0_9.3.4-2etch1_s390.deb
Size/MD5 checksum: 95298 6f5505c5815bd05d5acca2a7bc918f52
http://security.debian.org/pool/updates/main/b/bind9/libdns22_9.3.4-2etch1_s390.deb
Size/MD5 checksum: 581310 338f8914e14bfdc50835252d76f0fd42
http://security.debian.org/pool/updates/main/b/bind9/libisc11_9.3.4-2etch1_s390.deb
Size/MD5 checksum: 196206 543df937ea45c7b5f784c1c952a7f5e0
http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.3.4-2etch1_s390.deb
Size/MD5 checksum: 97416 fa1af3cf8a7416f3ed5b7d42c836b8b2
http://security.debian.org/pool/updates/main/b/bind9/libisccfg1_9.3.4-2etch1_s390.deb
Size/MD5 checksum: 113884 2ec66079b2d2e11cf897f0977729a4c1
http://security.debian.org/pool/updates/main/b/bind9/liblwres9_9.3.4-2etch1_s390.deb
Size/MD5 checksum: 116232 f5fa31d37e78bbb36f73d53da5da27ea
http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.3.4-2etch1_s390.deb
Size/MD5 checksum: 233484 1dffc0d674f30381bbe5a7ffdbc30518
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/b/bind9/bind9_9.3.4-2etch1_sparc.deb
Size/MD5 checksum: 299544 d87837fe5a3f20c6a14fdf3318dd2262
http://security.debian.org/pool/updates/main/b/bind9/bind9-host_9.3.4-2etch1_sparc.deb
Size/MD5 checksum: 113810 f403041c08435061da227325811fa162
http://security.debian.org/pool/updates/main/b/bind9/dnsutils_9.3.4-2etch1_sparc.deb
Size/MD5 checksum: 183572 8af8396c1de389c5d59c043f957f6ffc
http://security.debian.org/pool/updates/main/b/bind9/libbind-dev_9.3.4-2etch1_sparc.deb
Size/MD5 checksum: 1122852 f127cc8eaf19ea1afc0e75d95dddfe01
http://security.debian.org/pool/updates/main/b/bind9/libbind9-0_9.3.4-2etch1_sparc.deb
Size/MD5 checksum: 94460 5a3a6e60c48ea5a2430852e8f0bdccde
http://security.debian.org/pool/updates/main/b/bind9/libdns22_9.3.4-2etch1_sparc.deb
Size/MD5 checksum: 495516 6be9e70176aea0f4103f66638d1ddb4e
http://security.debian.org/pool/updates/main/b/bind9/libisc11_9.3.4-2etch1_sparc.deb
Size/MD5 checksum: 174856 af7512793320752e3607994adcdf5192
http://security.debian.org/pool/updates/main/b/bind9/libisccc0_9.3.4-2etch1_sparc.deb
Size/MD5 checksum: 94450 607818b14e52d297085cf59f207afce7
http://security.debian.org/pool/updates/main/b/bind9/libisccfg1_9.3.4-2etch1_sparc.deb
Size/MD5 checksum: 107158 67c296d0d2ca2bd11260b9433bb8b444
http://security.debian.org/pool/updates/main/b/bind9/liblwres9_9.3.4-2etch1_sparc.deb
Size/MD5 checksum: 110702 0237570eab7e9344b78728b6ff4c3a55
http://security.debian.org/pool/updates/main/b/bind9/lwresd_9.3.4-2etch1_sparc.deb
Size/MD5 checksum: 210042 3d5b39b5e149149d314c3d3b0693e057
これらのファイルは次の版の安定版リリース時そちらに移されます。
- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
------>8------------>8------------>8------------>8------------>8-
--
Seiji Kaneko skaneko@xxxxxxxxxxxx
---------------------------------------------------------