Re: Bind security announce
Adam, Adding libdns58 and libisc50 solved the problem. Here is the dselect output: Reading package lists... Done Building dependency tree Reading state information... Done The following packages will be REMOVED libdns55 libisc52 The following NEW packages will be installed libdns58 libisc50 The following packages will be upgraded: apache2-doc apache2-mpm-prefork apache2-utils apache2.2-common base-files bind9 bind9-doc bind9-host bind9utils dnsutils dpkg dpkg-dev dselect krb5-doc libaprutil1 libbind9-50 libc6 libc6-amd64 libc6-dev libc6-dev-amd64 libc6-i686 libfreetype6 libfreetype6-dev libisccc50 libisccfg50 libkadm55 libkrb5-dev libkrb53 liblwres50 libpq5 libssl-dev libssl0.9.8 libxml2 libxml2-dev linux-image-2.6.26-2-686 linux-libc-dev locales openssl phpmyadmin postgresql-client postgresql-client-8.3 postgresql-doc postgresql-doc-8.3 tzdata44 upgraded, 2 newly installed, 2 to remove and 0 not upgraded. Need to get 70.2MB of archives. After this operation, 7479kB of additional disk space will be used. Do you want to continue [Y/n]? So there needs to be a correction in the file so it know to add the new files libdns58 and libisc50. Thanks, Ken On Thu, 30 Dec 2010, Adam D. Barratt wrote: On Thu, 2010-12-30 at 14:07 -0500, Jim Popovitch wrote: I used dselect to do the bind libs updates. The dependency mismatch was handled by dselect, and I had to approve what appeared a downgrade to libisc/dns. I'm guessing this was the package name change from libisc52 to libisc50; largely, the package name should not have reached libisc52, as the soname was still 50, and that has now been corrected (see also #584585). libdns otoh should have been an upgrade from libdns55 to libdns58. Regards, Adam -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1293736881.3190.307.ca...@hathi.jungle.funky-badger.org -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/pine.lnx.4.64.1101061349110.5...@mail.pcez.com
Re: Bind security announce
On Wed, 29 Dec 2010, Carlos Alberto Lopez Perez wrote: On 12/29/2010 03:34 AM, Account for Debian group mail wrote: Reading package lists... Done Building dependency tree Reading state information... Done The following packages will be REMOVED bind9 bind9-host bind9utils dnsutils libbind9-50 libisccfg50 The following packages will be upgraded: base-files bind9-doc dpkg dpkg-dev dselect krb5-doc libaprutil1 libc6 libc6-amd64 libc6-dev libc6-dev-amd64 libc6-i686 libfreetype6 libfreetype6-dev libkadm55 libkrb5-dev libkrb53 liblwres50 libpq5 libssl-dev libssl0.9.8 libxml2 libxml2-dev linux-image-2.6.26-2-686 linux-libc-dev locales openssl postgresql-client postgresql-client-8.3 postgresql-doc postgresql-doc-8.3 tzdata 32 upgraded, 0 newly installed, 6 to remove and 1 not upgraded. Need to get 62.6MB of archives. After this operation, 5464kB of additional disk space will be used. Do you want to continue [Y/n]? Look at this! it wants to REMOVE bind9 bind9-host bind9utils dnsutils libbind9-50 libisccfg50. What is going wrong here? Try to use aptitude, it makes smarter decisions when solving package dependencies than apt/dselect # aptitude update aptitude safe-upgrade Are you saying that dselect is no longer usefull on doing security upgrades? I've been using dselect for over 15 years doing just that. The only time I've used aptitude is for doing major version upgrades. If there is a problem with dselect let's get it fixed or remove it from use. Thanks, Ken -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/pine.lnx.4.64.1012300435290.26...@mail.pcez.com
Re: Bind security announce
On 12/30/2010 01:40 PM, Account for Debian group mail wrote: Are you saying that dselect is no longer usefull on doing security upgrades? I've been using dselect for over 15 years doing just that. The only time I've used aptitude is for doing major version upgrades. If there is a problem with dselect let's get it fixed or remove it from use. No, I am simply saying that aptitude simply solves better the dependencies than dselect [1], so, if you have problems because dselect is choosing a solution that you don't like when solving package dependencies then give a try to aptitude. [1] I was attacked by dselect as a small child and have since avoided debian. – Andrew Morton http://en.wikipedia.org/wiki/Dselect http://www.debian.org/doc/FAQ/ch-uptodate.en.html signature.asc Description: OpenPGP digital signature
Re: Bind security announce
On Tue, 2010-12-28 at 18:34 -0800, Account for Debian group mail wrote: Well I waited to see if someone came our with a solution to this problem, none seen. So I'm updating another machine, here is what dselect is showing me: What that output doesn't include, which it should, is that there should be two *new* packages to install - namely libdns58 and libisc50; were those mentioned at any point in the process of selecting the updated bind9 packages for installation? [...] OK as you can see it is going to update bind9 and bind9utils along with other libaries needed for bind9. So let's do the update: [...] The following packages will be upgraded: [package list including liblwres50] The following packages will be REMOVED bind9 bind9-host bind9utils dnsutils libbind9-50 libisccfg50 The following packages will be upgraded: [...] 32 upgraded, 0 newly installed, 6 to remove and 1 not upgraded. The last line looks odd, given that there should be two newly installed packages (see above). The fact that liblwres50 manages to get upgraded and the lack of the new packages being installed suggests that dselect has been told that it may not install the new packages and the conflict between that and being asked to upgrade packages which depend on the new packages has been solved by removing the problem packages. It's been a long time since I've used dselect so I may have misremembered the proposals it would make in this case. I would certainly have expected it to prompt for the installation of libdns58 and libisc50 though. Regards, Adam -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1293735458.3190.200.ca...@hathi.jungle.funky-badger.org
Re: Bind security announce
On Thu, Dec 30, 2010 at 13:57, Adam D. Barratt a...@adam-barratt.org.uk wrote: On Tue, 2010-12-28 at 18:34 -0800, Account for Debian group mail wrote: Well I waited to see if someone came our with a solution to this problem, none seen. So I'm updating another machine, here is what dselect is showing me: What that output doesn't include, which it should, is that there should be two *new* packages to install - namely libdns58 and libisc50; were those mentioned at any point in the process of selecting the updated bind9 packages for installation? I used dselect to do the bind libs updates. The dependency mismatch was handled by dselect, and I had to approve what appeared a downgrade to libisc/dns. I really don't remember why, but my thought at the time was that I needed to find a way to purge all libdns and libisc packages because I don't run bind and only need dig/host/nslookup functionality on those boxes. Seriously though, dnsutils needs some overhaul and cleanup -Jim P. -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/aanlktinwan1re0v12thi6b_uomoggbhg3yekjt2cj...@mail.gmail.com
Re: Bind security announce
On Thu, Dec 30, 2010 at 14:07, Jim Popovitch jim...@gmail.com wrote: On Thu, Dec 30, 2010 at 13:57, Adam D. Barratt a...@adam-barratt.org.uk wrote: On Tue, 2010-12-28 at 18:34 -0800, Account for Debian group mail wrote: Well I waited to see if someone came our with a solution to this problem, none seen. So I'm updating another machine, here is what dselect is showing me: What that output doesn't include, which it should, is that there should be two *new* packages to install - namely libdns58 and libisc50; were those mentioned at any point in the process of selecting the updated bind9 packages for installation? I used dselect to do the bind libs updates. The dependency mismatch was handled by dselect, and I had to approve what appeared a downgrade to libisc/dns. I really don't remember why, but my thought at the time was that I needed to find a way to purge all libdns and libisc packages because I don't run bind and only need dig/host/nslookup functionality on those boxes. Seriously though, dnsutils needs some overhaul and cleanup Further, it's worth pointing out that after the bind libs update, the libbind9-40* libdns45* libisc45* libisccc40* libisccfg40* liblwres40* libs were not removed by a simple apt-get autoremove. -Jim P. -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/aanlktikhytlto1z82jgvqtgcvjw0zhf8vdptok3aw...@mail.gmail.com
Re: Bind security announce
On Thu, 2010-12-30 at 14:07 -0500, Jim Popovitch wrote: I used dselect to do the bind libs updates. The dependency mismatch was handled by dselect, and I had to approve what appeared a downgrade to libisc/dns. I'm guessing this was the package name change from libisc52 to libisc50; largely, the package name should not have reached libisc52, as the soname was still 50, and that has now been corrected (see also #584585). libdns otoh should have been an upgrade from libdns55 to libdns58. Regards, Adam -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1293736881.3190.307.ca...@hathi.jungle.funky-badger.org
Re: Bind security announce
On 12/29/2010 03:34 AM, Account for Debian group mail wrote: Reading package lists... Done Building dependency tree Reading state information... Done The following packages will be REMOVED bind9 bind9-host bind9utils dnsutils libbind9-50 libisccfg50 The following packages will be upgraded: base-files bind9-doc dpkg dpkg-dev dselect krb5-doc libaprutil1 libc6 libc6-amd64 libc6-dev libc6-dev-amd64 libc6-i686 libfreetype6 libfreetype6-dev libkadm55 libkrb5-dev libkrb53 liblwres50 libpq5 libssl-dev libssl0.9.8 libxml2 libxml2-dev linux-image-2.6.26-2-686 linux-libc-dev locales openssl postgresql-client postgresql-client-8.3 postgresql-doc postgresql-doc-8.3 tzdata 32 upgraded, 0 newly installed, 6 to remove and 1 not upgraded. Need to get 62.6MB of archives. After this operation, 5464kB of additional disk space will be used. Do you want to continue [Y/n]? Look at this! it wants to REMOVE bind9 bind9-host bind9utils dnsutils libbind9-50 libisccfg50. What is going wrong here? Try to use aptitude, it makes smarter decisions when solving package dependencies than apt/dselect # aptitude update aptitude safe-upgrade signature.asc Description: OpenPGP digital signature
Re: Bind security announce
Well I waited to see if someone came our with a solution to this problem, none seen. So I'm updating another machine, here is what dselect is showing me: *** Req adminbase-files 5lenny7 5lenny8 Debian base system miscellaneous files *** Req admindpkg 1.14.29+b1 1.14.30 Debian package management system ... Updated Required packages in section libs ... *** Req libs libc62.7-18lenny 2.7-18lenny GNU C Library: Shared libraries *** Req libs tzdata 2010j-0lenn 2010o-0lenn time zone and daylight-saving time data . Updated Important packages . ... Updated Important packages in section libs ... *** Imp libs libssl0.9.8 0.9.8g-15+l 0.9.8g-15+l SSL shared libraries . Updated Standard packages . ... Updated Standard packages in section libs ... *** Std libs libbind9-50 1:9.6.ESV.R 1:9.6.ESV.R BIND9 Shared Library used by BIND *** Std libs libisccc50 1:9.6.ESV.R 1:9.6.ESV.R Command Channel Library used by BIND *** Std libs libisccfg50 1:9.6.ESV.R 1:9.6.ESV.R Config File Handling Library used by BIND *** Std libs libkrb53 1.6.dfsg.4~ 1.6.dfsg.4~ MIT Kerberos runtime libraries *** Std libs liblwres50 1:9.6.ESV.R 1:9.6.ESV.R Lightweight Resolver Library used by BIND *** Std libs libxml2 2.6.32.dfsg 2.6.32.dfsg GNOME XML library *** Std libs locales 2.7-18lenny 2.7-18lenny GNU C Library: National Language (locale) data [support] ... Updated Standard packages in section net ... *** Std net bind9-host 1:9.6.ESV.R 1:9.6.ESV.R Version of 'host' bundled with BIND 9.X *** Std net dnsutils 1:9.6.ESV.R 1:9.6.ESV.R Clients provided with BIND . Updated Optional packages . ... Updated Optional packages in section admin ... *** Opt admindselect 1.14.29+b1 1.14.30 Debian package management front-end *** Opt adminlinux-image- 2.6.26-25le 2.6.26-26le Linux 2.6.26 image on PPro/Celeron/PII/PIII/P4 ... Updated Optional packages in section devel ... *** Opt devellinux-libc-d 2.6.26-25le 2.6.26-26le Linux support headers for userspace development ... Updated Optional packages in section doc ... *** Opt doc bind9-doc1:9.6.ESV.R 1:9.6.ESV.R Documentation for BIND *** Opt doc krb5-doc 1.6.dfsg.4~ 1.6.dfsg.4~ Documentation for MIT Kerberos *** Opt doc postgresql-d 8.3.11-0len 8.3.12-0len documentation for the PostgreSQL database management system *** Opt doc postgresql-d 8.3.11-0len 8.3.12-0len documentation for the PostgreSQL database management system ... Updated Optional packages in section libdevel ... *** Opt libdevel libc6-dev2.7-18lenny 2.7-18lenny GNU C Library: Development Libraries and Header Files *** Opt libdevel libc6-dev-am 2.7-18lenny 2.7-18lenny GNU C Library: 64bit Development Libraries for AMD64 *** Opt libdevel libfreetype6 2.3.7-2+len 2.3.7-2+len FreeType 2 font engine, development files *** Opt libdevel libssl-dev 0.9.8g-15+l 0.9.8g-15+l SSL development libraries, header files and documentation *** Opt libdevel libxml2-dev 2.6.32.dfsg 2.6.32.dfsg Development files for the GNOME XML library ... Updated Optional packages in section libs ... *** Opt libs libaprutil1 1.2.12+dfsg 1.2.12+dfsg The Apache Portable Runtime Utility Library *** Opt libs libc6-amd64 2.7-18lenny 2.7-18lenny GNU C Library: 64bit Shared libraries for AMD64 *** Opt libs libfreetype6 2.3.7-2+len 2.3.7-2+len FreeType 2 font engine, shared library files *** Opt libs libkadm551.6.dfsg.4~ 1.6.dfsg.4~ MIT Kerberos administration runtime libraries *** Opt libs libpq5 8.3.11-0len 8.3.12-0len PostgreSQL C client library ... Updated Optional packages in section misc ... *** Opt misc postgresql-c 8.3.11-0len 8.3.12-0len front-end programs for PostgreSQL (supported version) *** Opt misc postgresql-c 8.3.11-0len 8.3.12-0len front-end programs for PostgreSQL 8.3 ... Updated Optional packages in section net ... *** Opt net bind91:9.6.ESV.R 1:9.6.ESV.R Internet Domain Name Server *** Opt net bind9utils 1:9.6.ESV.R 1:9.6.ESV.R Utilities for BIND ... Updated Optional packages in section utils ... *** Opt utilsdpkg-dev 1.14.29 1.14.30 Debian package development tools *** Opt utilsopenssl 0.9.8g-15+l 0.9.8g-15+l Secure Socket Layer (SSL) binary and related cryptographic tools . Updated Extra packages . ... Updated Extra packages in section libdevel ... *** Xtr libdevel libkrb5-dev 1.6.dfsg.4~ 1.6.dfsg.4~ Headers and development libraries for MIT Kerberos ... Updated Extra packages in section libs ... *** Xtr libs libc6-i686 2.7-18lenny 2.7-18lenny GNU C Library: Shared libraries [i686 optimized] OK as you can see it
Re: Bind security announce
On Fri, 10 Dec 2010, Florian Weimer wrote: * Debian security: Is there any plan to upgrade the bind version in debian to 9.6-ESV-R3 which correct the bugs? There was a technical issue with the update process, which has been resolved now. Updates will be released in due course. Hello, I did the security upgraded on one of my DNS servers running bind9 on a Lenny platform and it removed bind9 all together. I had to go in and reinstall bind9. I did this last night. Ken -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/pine.lnx.4.64.1012130825280.16...@mail.pcez.com
Re: Bind security announce
* Account for Debian group mail: On Fri, 10 Dec 2010, Florian Weimer wrote: * Debian security: Is there any plan to upgrade the bind version in debian to 9.6-ESV-R3 which correct the bugs? There was a technical issue with the update process, which has been resolved now. Updates will be released in due course. Hello, I did the security upgraded on one of my DNS servers running bind9 on a Lenny platform and it removed bind9 all together. I had to go in and reinstall bind9. I did this last night. Could you show us the relevant lines from /var/log/dpkg.log, please? Thanks. -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/87lj3two09@mid.deneb.enyo.de
Re: Bind security announce
On Mon, 13 Dec 2010, Florian Weimer wrote: * Account for Debian group mail: On Fri, 10 Dec 2010, Florian Weimer wrote: * Debian security: Is there any plan to upgrade the bind version in debian to 9.6-ESV-R3 which correct the bugs? There was a technical issue with the update process, which has been resolved now. Updates will be released in due course. Hello, I did the security upgraded on one of my DNS servers running bind9 on a Lenny platform and it removed bind9 all together. I had to go in and reinstall bind9. I did this last night. Could you show us the relevant lines from /var/log/dpkg.log, please? Sure! I not sure what you might call being relevant so I included all lines that are there for this session. Please excuse all the stuff that was installed, it has been a few weeks since the last update. Here are the lines: 2010-12-12 23:35:02 startup packages remove 2010-12-12 23:35:02 status installed bind9 1:9.6.ESV.R1+dfsg-0+lenny2 2010-12-12 23:35:07 remove bind9 1:9.6.ESV.R1+dfsg-0+lenny2 1:9.6.ESV.R3+dfsg-0+lenny1 2010-12-12 23:35:07 status half-configured bind9 1:9.6.ESV.R1+dfsg-0+lenny2 2010-12-12 23:35:07 status half-installed bind9 1:9.6.ESV.R1+dfsg-0+lenny2 2010-12-12 23:35:07 status triggers-pending man-db 2.5.2-4 2010-12-12 23:35:07 status half-installed bind9 1:9.6.ESV.R1+dfsg-0+lenny2 2010-12-12 23:35:07 status config-files bind9 1:9.6.ESV.R1+dfsg-0+lenny2 2010-12-12 23:35:07 status config-files bind9 1:9.6.ESV.R1+dfsg-0+lenny2 2010-12-12 23:35:07 status installed dnsutils 1:9.6.ESV.R1+dfsg-0+lenny2 2010-12-12 23:35:07 remove dnsutils 1:9.6.ESV.R1+dfsg-0+lenny2 1:9.6.ESV.R3+dfsg-0+lenny1 2010-12-12 23:35:07 status half-configured dnsutils 1:9.6.ESV.R1+dfsg-0+lenny2 2010-12-12 23:35:07 status half-installed dnsutils 1:9.6.ESV.R1+dfsg-0+lenny2 2010-12-12 23:35:07 status half-installed dnsutils 1:9.6.ESV.R1+dfsg-0+lenny2 2010-12-12 23:35:07 status config-files dnsutils 1:9.6.ESV.R1+dfsg-0+lenny2 2010-12-12 23:35:07 status config-files dnsutils 1:9.6.ESV.R1+dfsg-0+lenny2 2010-12-12 23:35:07 status config-files dnsutils 1:9.6.ESV.R1+dfsg-0+lenny2 2010-12-12 23:35:07 status config-files dnsutils 1:9.6.ESV.R1+dfsg-0+lenny2 2010-12-12 23:35:07 status config-files dnsutils 1:9.6.ESV.R1+dfsg-0+lenny2 2010-12-12 23:35:07 status not-installed dnsutils none 2010-12-12 23:35:07 status installed bind9-host 1:9.6.ESV.R1+dfsg-0+lenny2 2010-12-12 23:35:07 remove bind9-host 1:9.6.ESV.R1+dfsg-0+lenny2 1:9.6.ESV.R3+dfsg-0+lenny1 2010-12-12 23:35:07 status half-configured bind9-host 1:9.6.ESV.R1+dfsg-0+lenny2 2010-12-12 23:35:07 status half-installed bind9-host 1:9.6.ESV.R1+dfsg-0+lenny2 2010-12-12 23:35:07 status half-installed bind9-host 1:9.6.ESV.R1+dfsg-0+lenny2 2010-12-12 23:35:07 status config-files bind9-host 1:9.6.ESV.R1+dfsg-0+lenny2 2010-12-12 23:35:07 status config-files bind9-host 1:9.6.ESV.R1+dfsg-0+lenny2 2010-12-12 23:35:07 status config-files bind9-host 1:9.6.ESV.R1+dfsg-0+lenny2 2010-12-12 23:35:07 status config-files bind9-host 1:9.6.ESV.R1+dfsg-0+lenny2 2010-12-12 23:35:07 status config-files bind9-host 1:9.6.ESV.R1+dfsg-0+lenny2 2010-12-12 23:35:07 status not-installed bind9-host none 2010-12-12 23:35:07 status installed bind9utils 1:9.6.ESV.R1+dfsg-0+lenny2 2010-12-12 23:35:07 remove bind9utils 1:9.6.ESV.R1+dfsg-0+lenny2 1:9.6.ESV.R3+dfsg-0+lenny1 2010-12-12 23:35:07 status half-configured bind9utils 1:9.6.ESV.R1+dfsg-0+lenny2 2010-12-12 23:35:07 status half-installed bind9utils 1:9.6.ESV.R1+dfsg-0+lenny2 2010-12-12 23:35:07 status half-installed bind9utils 1:9.6.ESV.R1+dfsg-0+lenny2 2010-12-12 23:35:07 status config-files bind9utils 1:9.6.ESV.R1+dfsg-0+lenny2 2010-12-12 23:35:07 status config-files bind9utils 1:9.6.ESV.R1+dfsg-0+lenny2 2010-12-12 23:35:08 status config-files bind9utils 1:9.6.ESV.R1+dfsg-0+lenny2 2010-12-12 23:35:08 status config-files bind9utils 1:9.6.ESV.R1+dfsg-0+lenny2 2010-12-12 23:35:08 status config-files bind9utils 1:9.6.ESV.R1+dfsg-0+lenny2 2010-12-12 23:35:08 status not-installed bind9utils none 2010-12-12 23:35:08 status installed libbind9-50 1:9.6.ESV.R1+dfsg-0+lenny2 2010-12-12 23:35:08 remove libbind9-50 1:9.6.ESV.R1+dfsg-0+lenny2 1:9.6.ESV.R3+dfsg-0+lenny1 2010-12-12 23:35:08 status half-configured libbind9-50 1:9.6.ESV.R1+dfsg-0+lenny2 2010-12-12 23:35:08 status half-installed libbind9-50 1:9.6.ESV.R1+dfsg-0+lenny2 2010-12-12 23:35:08 status config-files libbind9-50 1:9.6.ESV.R1+dfsg-0+lenny2 2010-12-12 23:35:08 status config-files libbind9-50 1:9.6.ESV.R1+dfsg-0+lenny2 2010-12-12 23:35:08 status installed libisccfg50 1:9.6.ESV.R1+dfsg-0+lenny2 2010-12-12 23:35:08 remove libisccfg50 1:9.6.ESV.R1+dfsg-0+lenny2 1:9.6.ESV.R3+dfsg-0+lenny1 2010-12-12 23:35:08 status half-configured libisccfg50 1:9.6.ESV.R1+dfsg-0+lenny2 2010-12-12 23:35:08 status half-installed libisccfg50 1:9.6.ESV.R1+dfsg-0+lenny2 2010-12-12 23:35:08 status config-files libisccfg50 1:9.6.ESV.R1+dfsg-0+lenny2 2010-12-12 23:35:08 status config-files libisccfg50
Re: Bind security announce
Le lundi 13 décembre 2010 à 08:29 -0800, Account for Debian group mail a écrit : On Fri, 10 Dec 2010, Florian Weimer wrote: * Debian security: Is there any plan to upgrade the bind version in debian to 9.6-ESV-R3 which correct the bugs? There was a technical issue with the update process, which has been resolved now. Updates will be released in due course. Hello, I did the security upgraded on one of my DNS servers running bind9 on a Lenny platform and it removed bind9 all together. I had to go in and reinstall bind9. I did this last night. Ken Just did the upgrade here on Two Debian Lenny DNS server (one authoritative and one resolver) and got no problem... At least not what's described here or none I have seen yet. Alex
Re: Bind security announce
* Debian security: Is there any plan to upgrade the bind version in debian to 9.6-ESV-R3 which correct the bugs? There was a technical issue with the update process, which has been resolved now. Updates will be released in due course. -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/874oaldays@mid.deneb.enyo.de
Bind security announce
Hello, ISC published new versions of their DNS server: bind. This version is corrects bug and one security issue (classified as High) that impacts the version shipped in Debian Lenny. It has been published yeterday and I still can't see any update in the security repository. Is there any plan to upgrade the bind version in debian to 9.6-ESV-R3 which correct the bugs? https://www.isc.org/software/bind/advisories/cve-2010-3613 https://www.isc.org/software/bind/advisories/cve-2010-3614
Re: Bind security announce
On Thu, 02 Dec 2010 08:34:40 -1000, Debian security wrote: Hello, ISC published new versions of their DNS server: bind. This version is corrects bug and one security issue (classified as High) that impacts the version shipped in Debian Lenny. It has been published yeterday and I still can't see any update in the security repository. Is there any plan to upgrade the bind version in debian to 9.6-ESV-R3 which correct the bugs? https://www.isc.org/software/bind/advisories/cve-2010-3613 https://www.isc.org/software/bind/advisories/cve-2010-3614 This is the first I've heard of these issues. You can submit a bug report against bind9 to encourage the maintainer to start working on a fix for unstable and a backport for lenny. It would be even more helpful if you can extract the patches, apply them, and send a diff against the current packages. Mike -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20101202140928.24213d1f.michael.s.gilb...@gmail.com
Re: Bind security announce
On 2010-12-02, Debian security debian-secur...@mana.pf wrote: --=-PKfS7p5OBjSN/MdjuBqP Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Hello, ISC published new versions of their DNS server: bind. This version is corrects bug and one security issue (classified as High) that impacts the version shipped in Debian Lenny. It has been published yeterday and I still can't see any update in the security repository. Is there any plan to upgrade the bind version in debian to 9.6-ESV-R3 which correct the bugs? An update is currently being prepared. Cheers, Moritz -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/slrniffv0f.2e3@inutil.org
Re: Bind security announce
On 02/12/10 14:09 -0500, Michael Gilbert wrote: https://www.isc.org/software/bind/advisories/cve-2010-3613 https://www.isc.org/software/bind/advisories/cve-2010-3614 This is the first I've heard of these issues. You can submit a bug report against bind9 to encourage the maintainer to start working on a fix for unstable and a backport for lenny. It would be even more helpful if you can extract the patches, apply them, and send a diff against the current packages. Ubuntu issued a USN with fixed packages yesterday. The patches should apply to the corresponding debian versions. http://www.ubuntu.com/usn/usn-1025-1 regards Rolf -- ... And there comes a time when one must take a position that is neither safe, nor politic, nor popular but one must take it because one's conscience tells one that it is right. — Martin Luther King, Jr. signature.asc Description: Digital signature