[libbind9] [CVE-2008-0122] off-by-one error in the inet_network function

Bug #203476 reported by disabled.user on 2008-03-18
260
This bug affects 1 person
Affects Status Importance Assigned to Milestone
bind9 (Debian)
Fix Released
Unknown
bind9 (Gentoo Linux)
Invalid
Medium
bind9 (Ubuntu)
Undecided
LaMont Jones
Dapper
Low
Unassigned
Edgy
Low
Unassigned
Feisty
Low
Unassigned
Gutsy
Low
Unassigned

Bug Description

Binary package hint: libbind9-0

References:
SUSE-SR:2008:006

Quoting CVE-2008-0122:
"Off-by-one error in the inet_network function in libbind in ISC BIND 9.4.2 and earlier, as used in libc in FreeBSD 6.2 through 7.0-PRERELEASE, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted input that triggers memory corruption."

CVE References

LaMont Jones (lamont) wrote :

in 1:9.4.2-8, on the off chance that anyone in the world actually uses libbind9 to build packages on either linux distro.

Changed in bind9:
assignee: nobody → lamont
status: New → Fix Committed
Changed in bind9:
status: Unknown → Fix Released
Jamie Strandboge (jdstrand) wrote :

Applications shipped in bind9 do not use this function, and no other applications link against bind9.

Jamie Strandboge (jdstrand) wrote :

That should have read 'no other applications link against libbind9'.

Changed in bind9:
importance: Undecided → Low
importance: Undecided → Low
importance: Undecided → Low
Changed in bind9:
importance: Undecided → Low
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package bind9 - 1:9.4.2-9

---------------
bind9 (1:9.4.2-9) unstable; urgency=low

  * apparmor: allow subdirs in {/etc,/var/cache,/var/lib}/bind
  * apparmor: make profile match README.Debian

bind9 (1:9.4.2-8) unstable; urgency=low

  [ISC]

  * CVE-2008-0122: off by one error in (unused) inet_network function.
    Closes: #462783 LP: #203476

  [Michael Milligan]

  * Fix min-cache-ttl and min-ncache-ttl keywords

  [Jamie Strandboge]

  * apparmor: force complain-mode for apparmor on certain upgrades. LP: #203528
  * debian/bind9.postrm: purge /etc/apparmor.d/force-complain/usr.sbin.named

bind9 (1:9.4.2-7) unstable; urgency=low

  [Jamie Strandboge]

  * Allow rw access to /var/lib/bind/* in apparmor-profile. LP: #201954

  [LaMont Jones]

  * Drop root-delegation comments from named.conf. Closes: #217829, #297219

 -- LaMont Jones <email address hidden> Fri, 04 Apr 2008 11:44:26 +0100

Changed in bind9:
status: Fix Committed → Fix Released
Changed in bind9:
status: Unknown → In Progress
Hew (hew) wrote :

Ubuntu Edgy Eft is no longer supported, so a SRU will not be issued for this release. Marking Edgy as Won't Fix.

Changed in bind9:
status: New → Won't Fix
Jamie Strandboge (jdstrand) wrote :

Based on my previous comments, I am marking this bug as Won't Fix. It has negligible impact on Ubuntu.

Changed in bind9:
status: New → Won't Fix
status: New → Won't Fix
status: New → Won't Fix
Changed in bind9 (Gentoo Linux):
status: In Progress → Invalid
Changed in bind9 (Gentoo Linux):
importance: Unknown → Medium
To post a comment you must log in.
This report contains Public Security information  Edit
Everyone can see this security related information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.