Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Internet Software Consortium Security Advisory: 5 March 2003
Date: Wed Mar 05 2003 - 20:34:55 CST
-----BEGIN PGP SIGNED MESSAGE-----
Internet Software Consortium Security Advisory.
5 March 2003
BIND 9.2.2 was released which contains fixes for previously
These were a remote buffer overflow documented in CERT advisory
[CERT CA-2002-19] and enforcement of the minimum OpenSSL version
BIND 9.2.0 and BIND 9.2.1 needs to be upgraded if you have not
already applied the workaround listed in [CERT CA-2002-19] and
you enabled libbind by specifying "configure --enable-libbind"
when you built BIND 9.2.0 or BIND 9.2.1.
BIND 9..x needs to be upgraded if you have not applied the
workaround listed in [CA-2002-23]. BIND 9.2.2 enforces a
minimum OpenSSL version at compile time.
BIND 9.2.0 and BIND 9.2.1 need to be upgraded if you built BIND
with a vulnerable version of OpenSSL, "configure --with-openssl".
BIND 9.2.2 enforces a minimum OpenSSL version at compile time.
You can test to see if BIND was built with OpenSSL by running:
dnssec-keygen -a rsa -b 512 -n zone foo
If the command returns an error message which contains "built with
no crypto support" then BIND was NOT linked against OpenSSL. This
does NOT check the OpenSSL version in use.
If you are in doubt about your current BIND status upgrade.
The current BIND version can be found via:
The current BIND security page can be found via:
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 5.0i for non-commercial use
-----END PGP SIGNATURE-----