Bind security announce

classic Classic list List threaded Threaded
18 messages Options
Reply | Threaded
Open this post in threaded view
|

Bind security announce

Debian security
Hello,

ISC published new versions of their DNS server: bind.
This version is corrects bug and one security issue (classified as High) that impacts the version shipped in Debian Lenny.
It has been published yeterday and I still can't see any update in the security repository.
Is there any plan to upgrade the bind version in debian to 9.6-ESV-R3 which correct the bugs?

https://www.isc.org/software/bind/advisories/cve-2010-3613
https://www.isc.org/software/bind/advisories/cve-2010-3614
Reply | Threaded
Open this post in threaded view
|

Re: Bind security announce

Michael Gilbert
On Thu, 02 Dec 2010 08:34:40 -1000, Debian security wrote:

> Hello,
>
> ISC published new versions of their DNS server: bind.
> This version is corrects bug and one security issue (classified as High)
> that impacts the version shipped in Debian Lenny.
> It has been published yeterday and I still can't see any update in the
> security repository.
> Is there any plan to upgrade the bind version in debian to 9.6-ESV-R3
> which correct the bugs?
>
> https://www.isc.org/software/bind/advisories/cve-2010-3613
> https://www.isc.org/software/bind/advisories/cve-2010-3614

This is the first I've heard of these issues.  You can submit a bug
report against bind9 to encourage the maintainer to start working on a
fix for unstable and a backport for lenny.  It would be even more
helpful if you can extract the patches, apply them, and send a diff
against the current packages.

Mike


--
To UNSUBSCRIBE, email to [hidden email]
with a subject of "unsubscribe". Trouble? Contact [hidden email]
Archive: http://lists.debian.org/20101202140928.24213d1f.michael.s.gilbert@...

Reply | Threaded
Open this post in threaded view
|

Re: Bind security announce

Moritz Muehlenhoff-5
In reply to this post by Debian security
On 2010-12-02, Debian security <[hidden email]> wrote:

>
> --=-PKfS7p5OBjSN/MdjuBqP
> Content-Type: text/plain; charset="UTF-8"
> Content-Transfer-Encoding: quoted-printable
>
> Hello,
>
> ISC published new versions of their DNS server: bind.
> This version is corrects bug and one security issue (classified as High)
> that impacts the version shipped in Debian Lenny.
> It has been published yeterday and I still can't see any update in the
> security repository.
> Is there any plan to upgrade the bind version in debian to 9.6-ESV-R3
> which correct the bugs?

An update is currently being prepared.

Cheers,
        Moritz


--
To UNSUBSCRIBE, email to [hidden email]
with a subject of "unsubscribe". Trouble? Contact [hidden email]
Archive: http://lists.debian.org/slrniffv0f.2e3.jmm@...

Reply | Threaded
Open this post in threaded view
|

Re: Bind security announce

Rolf Kutz-2
In reply to this post by Michael Gilbert
On 02/12/10 14:09 -0500, Michael Gilbert wrote:
>>
>> https://www.isc.org/software/bind/advisories/cve-2010-3613
>> https://www.isc.org/software/bind/advisories/cve-2010-3614
>
>This is the first I've heard of these issues.  You can submit a bug
>report against bind9 to encourage the maintainer to start working on a
>fix for unstable and a backport for lenny.  It would be even more
>helpful if you can extract the patches, apply them, and send a diff
>against the current packages.

Ubuntu issued a USN with fixed packages yesterday.
The patches should apply to the corresponding
debian versions.

http://www.ubuntu.com/usn/usn-1025-1

regards
Rolf
--
... And there comes a time when one must take a position that is neither
safe, nor politic, nor popular but one must take it because one's
conscience tells one that it is right. — Martin Luther King, Jr.

signature.asc (853 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Bind security announce

Florian Weimer
In reply to this post by Debian security
* Debian security:

> Is there any plan to upgrade the bind version in debian to 9.6-ESV-R3
> which correct the bugs?

There was a technical issue with the update process, which has been
resolved now.  Updates will be released in due course.


--
To UNSUBSCRIBE, email to [hidden email]
with a subject of "unsubscribe". Trouble? Contact [hidden email]
Archive: http://lists.debian.org/874oaldays.fsf@...

Reply | Threaded
Open this post in threaded view
|

Re: Bind security announce

Account for Debian group mail
On Fri, 10 Dec 2010, Florian Weimer wrote:

> * Debian security:
>
>> Is there any plan to upgrade the bind version in debian to 9.6-ESV-R3
>> which correct the bugs?
>
> There was a technical issue with the update process, which has been
> resolved now.  Updates will be released in due course.


Hello,

I did the security upgraded on one of my DNS servers running bind9 on a
Lenny platform and it removed bind9 all together. I had to go in and
reinstall bind9. I did this last night.

Ken


--
To UNSUBSCRIBE, email to [hidden email]
with a subject of "unsubscribe". Trouble? Contact [hidden email]
Archive: http://lists.debian.org/Pine.LNX.4.64.1012130825280.16481@...

Reply | Threaded
Open this post in threaded view
|

Re: Bind security announce

Florian Weimer
* Account for Debian group mail:

> On Fri, 10 Dec 2010, Florian Weimer wrote:
>
>> * Debian security:
>>
>>> Is there any plan to upgrade the bind version in debian to 9.6-ESV-R3
>>> which correct the bugs?
>>
>> There was a technical issue with the update process, which has been
>> resolved now.  Updates will be released in due course.
>
>
> Hello,
>
> I did the security upgraded on one of my DNS servers running bind9 on
> a Lenny platform and it removed bind9 all together. I had to go in and
> reinstall bind9. I did this last night.

Could you show us the relevant lines from /var/log/dpkg.log, please?
Thanks.


--
To UNSUBSCRIBE, email to [hidden email]
with a subject of "unsubscribe". Trouble? Contact [hidden email]
Archive: http://lists.debian.org/87lj3two09.fsf@...

Reply | Threaded
Open this post in threaded view
|

Re: Bind security announce

Debian security
In reply to this post by Account for Debian group mail
Le lundi 13 décembre 2010 à 08:29 -0800, Account for Debian group mail a écrit :
On Fri, 10 Dec 2010, Florian Weimer wrote:

> * Debian security:
>
>> Is there any plan to upgrade the bind version in debian to 9.6-ESV-R3
>> which correct the bugs?
>
> There was a technical issue with the update process, which has been
> resolved now.  Updates will be released in due course.


Hello,

I did the security upgraded on one of my DNS servers running bind9 on a 
Lenny platform and it removed bind9 all together. I had to go in and 
reinstall bind9. I did this last night.

Ken

Just did the upgrade here on Two Debian Lenny DNS server (one authoritative and one resolver) and got no problem...
At least not what's described here or none I have seen yet.

Alex
Reply | Threaded
Open this post in threaded view
|

Re: Bind security announce

Account for Debian group mail
In reply to this post by Florian Weimer
On Mon, 13 Dec 2010, Florian Weimer wrote:

> * Account for Debian group mail:
>
>> On Fri, 10 Dec 2010, Florian Weimer wrote:
>>
>>> * Debian security:
>>>
>>>> Is there any plan to upgrade the bind version in debian to 9.6-ESV-R3
>>>> which correct the bugs?
>>>
>>> There was a technical issue with the update process, which has been
>>> resolved now.  Updates will be released in due course.
>>
>>
>> Hello,
>>
>> I did the security upgraded on one of my DNS servers running bind9 on
>> a Lenny platform and it removed bind9 all together. I had to go in and
>> reinstall bind9. I did this last night.
>
> Could you show us the relevant lines from /var/log/dpkg.log, please?


Sure! I not sure what you might call being relevant so I included all
lines that are there for this session. Please excuse all the stuff that
was installed, it has been a few weeks since the last update.

Here are the lines:

2010-12-12 23:35:02 startup packages remove
2010-12-12 23:35:02 status installed bind9 1:9.6.ESV.R1+dfsg-0+lenny2
2010-12-12 23:35:07 remove bind9 1:9.6.ESV.R1+dfsg-0+lenny2 1:9.6.ESV.R3+dfsg-0+lenny1
2010-12-12 23:35:07 status half-configured bind9 1:9.6.ESV.R1+dfsg-0+lenny2
2010-12-12 23:35:07 status half-installed bind9 1:9.6.ESV.R1+dfsg-0+lenny2
2010-12-12 23:35:07 status triggers-pending man-db 2.5.2-4
2010-12-12 23:35:07 status half-installed bind9 1:9.6.ESV.R1+dfsg-0+lenny2
2010-12-12 23:35:07 status config-files bind9 1:9.6.ESV.R1+dfsg-0+lenny2
2010-12-12 23:35:07 status config-files bind9 1:9.6.ESV.R1+dfsg-0+lenny2
2010-12-12 23:35:07 status installed dnsutils 1:9.6.ESV.R1+dfsg-0+lenny2
2010-12-12 23:35:07 remove dnsutils 1:9.6.ESV.R1+dfsg-0+lenny2 1:9.6.ESV.R3+dfsg-0+lenny1
2010-12-12 23:35:07 status half-configured dnsutils 1:9.6.ESV.R1+dfsg-0+lenny2
2010-12-12 23:35:07 status half-installed dnsutils 1:9.6.ESV.R1+dfsg-0+lenny2
2010-12-12 23:35:07 status half-installed dnsutils 1:9.6.ESV.R1+dfsg-0+lenny2
2010-12-12 23:35:07 status config-files dnsutils 1:9.6.ESV.R1+dfsg-0+lenny2
2010-12-12 23:35:07 status config-files dnsutils 1:9.6.ESV.R1+dfsg-0+lenny2
2010-12-12 23:35:07 status config-files dnsutils 1:9.6.ESV.R1+dfsg-0+lenny2
2010-12-12 23:35:07 status config-files dnsutils 1:9.6.ESV.R1+dfsg-0+lenny2
2010-12-12 23:35:07 status config-files dnsutils 1:9.6.ESV.R1+dfsg-0+lenny2
2010-12-12 23:35:07 status not-installed dnsutils <none>
2010-12-12 23:35:07 status installed bind9-host 1:9.6.ESV.R1+dfsg-0+lenny2
2010-12-12 23:35:07 remove bind9-host 1:9.6.ESV.R1+dfsg-0+lenny2 1:9.6.ESV.R3+dfsg-0+lenny1
2010-12-12 23:35:07 status half-configured bind9-host 1:9.6.ESV.R1+dfsg-0+lenny2
2010-12-12 23:35:07 status half-installed bind9-host 1:9.6.ESV.R1+dfsg-0+lenny2
2010-12-12 23:35:07 status half-installed bind9-host 1:9.6.ESV.R1+dfsg-0+lenny2
2010-12-12 23:35:07 status config-files bind9-host 1:9.6.ESV.R1+dfsg-0+lenny2
2010-12-12 23:35:07 status config-files bind9-host 1:9.6.ESV.R1+dfsg-0+lenny2
2010-12-12 23:35:07 status config-files bind9-host 1:9.6.ESV.R1+dfsg-0+lenny2
2010-12-12 23:35:07 status config-files bind9-host 1:9.6.ESV.R1+dfsg-0+lenny2
2010-12-12 23:35:07 status config-files bind9-host 1:9.6.ESV.R1+dfsg-0+lenny2
2010-12-12 23:35:07 status not-installed bind9-host <none>
2010-12-12 23:35:07 status installed bind9utils 1:9.6.ESV.R1+dfsg-0+lenny2
2010-12-12 23:35:07 remove bind9utils 1:9.6.ESV.R1+dfsg-0+lenny2 1:9.6.ESV.R3+dfsg-0+lenny1
2010-12-12 23:35:07 status half-configured bind9utils 1:9.6.ESV.R1+dfsg-0+lenny2
2010-12-12 23:35:07 status half-installed bind9utils 1:9.6.ESV.R1+dfsg-0+lenny2
2010-12-12 23:35:07 status half-installed bind9utils 1:9.6.ESV.R1+dfsg-0+lenny2
2010-12-12 23:35:07 status config-files bind9utils 1:9.6.ESV.R1+dfsg-0+lenny2
2010-12-12 23:35:07 status config-files bind9utils 1:9.6.ESV.R1+dfsg-0+lenny2
2010-12-12 23:35:08 status config-files bind9utils 1:9.6.ESV.R1+dfsg-0+lenny2
2010-12-12 23:35:08 status config-files bind9utils 1:9.6.ESV.R1+dfsg-0+lenny2
2010-12-12 23:35:08 status config-files bind9utils 1:9.6.ESV.R1+dfsg-0+lenny2
2010-12-12 23:35:08 status not-installed bind9utils <none>
2010-12-12 23:35:08 status installed libbind9-50 1:9.6.ESV.R1+dfsg-0+lenny2
2010-12-12 23:35:08 remove libbind9-50 1:9.6.ESV.R1+dfsg-0+lenny2 1:9.6.ESV.R3+dfsg-0+lenny1
2010-12-12 23:35:08 status half-configured libbind9-50 1:9.6.ESV.R1+dfsg-0+lenny2
2010-12-12 23:35:08 status half-installed libbind9-50 1:9.6.ESV.R1+dfsg-0+lenny2
2010-12-12 23:35:08 status config-files libbind9-50 1:9.6.ESV.R1+dfsg-0+lenny2
2010-12-12 23:35:08 status config-files libbind9-50 1:9.6.ESV.R1+dfsg-0+lenny2
2010-12-12 23:35:08 status installed libisccfg50 1:9.6.ESV.R1+dfsg-0+lenny2
2010-12-12 23:35:08 remove libisccfg50 1:9.6.ESV.R1+dfsg-0+lenny2 1:9.6.ESV.R3+dfsg-0+lenny1
2010-12-12 23:35:08 status half-configured libisccfg50 1:9.6.ESV.R1+dfsg-0+lenny2
2010-12-12 23:35:08 status half-installed libisccfg50 1:9.6.ESV.R1+dfsg-0+lenny2
2010-12-12 23:35:08 status config-files libisccfg50 1:9.6.ESV.R1+dfsg-0+lenny2
2010-12-12 23:35:08 status config-files libisccfg50 1:9.6.ESV.R1+dfsg-0+lenny2
2010-12-12 23:35:08 trigproc man-db 2.5.2-4 2.5.2-4
2010-12-12 23:35:08 status half-configured man-db 2.5.2-4
2010-12-12 23:35:09 status installed man-db 2.5.2-4
2010-12-12 23:35:12 startup archives unpack
2010-12-12 23:35:12 upgrade base-files 5lenny7 5lenny8
2010-12-12 23:35:12 status half-configured base-files 5lenny7
2010-12-12 23:35:13 status unpacked base-files 5lenny7
2010-12-12 23:35:13 status half-installed base-files 5lenny7
2010-12-12 23:35:13 status triggers-pending man-db 2.5.2-4
2010-12-12 23:35:13 status half-installed base-files 5lenny7
2010-12-12 23:35:13 status half-installed base-files 5lenny7
2010-12-12 23:35:13 status unpacked base-files 5lenny8
2010-12-12 23:35:13 status unpacked base-files 5lenny8
2010-12-12 23:35:13 trigproc man-db 2.5.2-4 2.5.2-4
2010-12-12 23:35:13 status half-configured man-db 2.5.2-4
2010-12-12 23:35:13 status installed man-db 2.5.2-4
2010-12-12 23:35:16 startup packages configure
2010-12-12 23:35:16 configure base-files 5lenny8 5lenny8
2010-12-12 23:35:16 status unpacked base-files 5lenny8
2010-12-12 23:35:17 status unpacked base-files 5lenny8
2010-12-12 23:35:17 status unpacked base-files 5lenny8
2010-12-12 23:35:17 status unpacked base-files 5lenny8
2010-12-12 23:35:17 status unpacked base-files 5lenny8
2010-12-12 23:35:17 status half-configured base-files 5lenny8
2010-12-12 23:35:17 status installed base-files 5lenny8
2010-12-12 23:35:19 startup archives unpack
2010-12-12 23:35:20 upgrade dpkg 1.14.29+b1 1.14.30
2010-12-12 23:35:20 status half-configured dpkg 1.14.29+b1
2010-12-12 23:35:21 status unpacked dpkg 1.14.29+b1
2010-12-12 23:35:21 status half-installed dpkg 1.14.29+b1
2010-12-12 23:35:21 status triggers-pending man-db 2.5.2-4
2010-12-12 23:35:22 status half-installed dpkg 1.14.29+b1
2010-12-12 23:35:22 status half-installed dpkg 1.14.29+b1
2010-12-12 23:35:22 status unpacked dpkg 1.14.30
2010-12-12 23:35:22 status unpacked dpkg 1.14.30
2010-12-12 23:35:22 trigproc man-db 2.5.2-4 2.5.2-4
2010-12-12 23:35:22 status half-configured man-db 2.5.2-4
2010-12-12 23:35:23 status installed man-db 2.5.2-4
2010-12-12 23:35:26 startup packages configure
2010-12-12 23:35:26 configure dpkg 1.14.30 1.14.30
2010-12-12 23:35:26 status unpacked dpkg 1.14.30
2010-12-12 23:35:26 status unpacked dpkg 1.14.30
2010-12-12 23:35:26 status unpacked dpkg 1.14.30
2010-12-12 23:35:26 status unpacked dpkg 1.14.30
2010-12-12 23:35:26 status unpacked dpkg 1.14.30
2010-12-12 23:35:26 status half-configured dpkg 1.14.30
2010-12-12 23:35:26 status installed dpkg 1.14.30
2010-12-12 23:35:29 startup archives unpack
2010-12-12 23:35:29 upgrade linux-image-2.6.26-2-486 2.6.26-25lenny1 2.6.26-26lenny1
2010-12-12 23:35:29 status half-configured linux-image-2.6.26-2-486 2.6.26-25lenny1
2010-12-12 23:35:31 status unpacked linux-image-2.6.26-2-486 2.6.26-25lenny1
2010-12-12 23:35:31 status half-installed linux-image-2.6.26-2-486 2.6.26-25lenny1
2010-12-12 23:35:37 status half-installed linux-image-2.6.26-2-486 2.6.26-25lenny1
2010-12-12 23:35:40 status unpacked linux-image-2.6.26-2-486 2.6.26-26lenny1
2010-12-12 23:35:41 status unpacked linux-image-2.6.26-2-486 2.6.26-26lenny1
2010-12-12 23:35:42 upgrade linux-image-2.6.26-2-686 2.6.26-25lenny1 2.6.26-26lenny1
2010-12-12 23:35:42 status half-configured linux-image-2.6.26-2-686 2.6.26-25lenny1
2010-12-12 23:35:42 status unpacked linux-image-2.6.26-2-686 2.6.26-25lenny1
2010-12-12 23:35:42 status half-installed linux-image-2.6.26-2-686 2.6.26-25lenny1
2010-12-12 23:35:46 status half-installed linux-image-2.6.26-2-686 2.6.26-25lenny1
2010-12-12 23:35:49 status unpacked linux-image-2.6.26-2-686 2.6.26-26lenny1
2010-12-12 23:35:50 status unpacked linux-image-2.6.26-2-686 2.6.26-26lenny1
2010-12-12 23:35:50 upgrade tzdata 2010j-0lenny1 2010o-0lenny1
2010-12-12 23:35:50 status half-configured tzdata 2010j-0lenny1
2010-12-12 23:35:50 status unpacked tzdata 2010j-0lenny1
2010-12-12 23:35:50 status half-installed tzdata 2010j-0lenny1
2010-12-12 23:35:51 status half-installed tzdata 2010j-0lenny1
2010-12-12 23:35:51 status unpacked tzdata 2010o-0lenny1
2010-12-12 23:35:51 status unpacked tzdata 2010o-0lenny1
2010-12-12 23:35:53 startup packages configure
2010-12-12 23:35:53 configure tzdata 2010o-0lenny1 2010o-0lenny1
2010-12-12 23:35:53 status unpacked tzdata 2010o-0lenny1
2010-12-12 23:35:54 status half-configured tzdata 2010o-0lenny1
2010-12-12 23:35:55 status installed tzdata 2010o-0lenny1
2010-12-12 23:35:57 startup archives unpack
2010-12-12 23:35:58 upgrade libssl-dev 0.9.8g-15+lenny8 0.9.8g-15+lenny9
2010-12-12 23:35:58 status half-configured libssl-dev 0.9.8g-15+lenny8
2010-12-12 23:35:58 status unpacked libssl-dev 0.9.8g-15+lenny8
2010-12-12 23:35:58 status half-installed libssl-dev 0.9.8g-15+lenny8
2010-12-12 23:35:58 status triggers-pending man-db 2.5.2-4
2010-12-12 23:35:59 status half-installed libssl-dev 0.9.8g-15+lenny8
2010-12-12 23:35:59 status half-installed libssl-dev 0.9.8g-15+lenny8
2010-12-12 23:35:59 status unpacked libssl-dev 0.9.8g-15+lenny9
2010-12-12 23:35:59 status unpacked libssl-dev 0.9.8g-15+lenny9
2010-12-12 23:35:59 upgrade libssl0.9.8 0.9.8g-15+lenny8 0.9.8g-15+lenny9
2010-12-12 23:35:59 status half-configured libssl0.9.8 0.9.8g-15+lenny8
2010-12-12 23:35:59 status unpacked libssl0.9.8 0.9.8g-15+lenny8
2010-12-12 23:35:59 status half-installed libssl0.9.8 0.9.8g-15+lenny8
2010-12-12 23:35:59 status half-installed libssl0.9.8 0.9.8g-15+lenny8
2010-12-12 23:36:00 status unpacked libssl0.9.8 0.9.8g-15+lenny9
2010-12-12 23:36:00 status unpacked libssl0.9.8 0.9.8g-15+lenny9
2010-12-12 23:36:00 upgrade libkrb5-dev 1.6.dfsg.4~beta1-5lenny4 1.6.dfsg.4~beta1-5lenny6
2010-12-12 23:36:00 status half-configured libkrb5-dev 1.6.dfsg.4~beta1-5lenny4
2010-12-12 23:36:00 status unpacked libkrb5-dev 1.6.dfsg.4~beta1-5lenny4
2010-12-12 23:36:00 status half-installed libkrb5-dev 1.6.dfsg.4~beta1-5lenny4
2010-12-12 23:36:00 status half-installed libkrb5-dev 1.6.dfsg.4~beta1-5lenny4
2010-12-12 23:36:00 status half-installed libkrb5-dev 1.6.dfsg.4~beta1-5lenny4
2010-12-12 23:36:00 status unpacked libkrb5-dev 1.6.dfsg.4~beta1-5lenny6
2010-12-12 23:36:00 status unpacked libkrb5-dev 1.6.dfsg.4~beta1-5lenny6
2010-12-12 23:36:00 upgrade libkadm55 1.6.dfsg.4~beta1-5lenny4 1.6.dfsg.4~beta1-5lenny6
2010-12-12 23:36:00 status half-configured libkadm55 1.6.dfsg.4~beta1-5lenny4
2010-12-12 23:36:00 status unpacked libkadm55 1.6.dfsg.4~beta1-5lenny4
2010-12-12 23:36:00 status half-installed libkadm55 1.6.dfsg.4~beta1-5lenny4
2010-12-12 23:36:00 status half-installed libkadm55 1.6.dfsg.4~beta1-5lenny4
2010-12-12 23:36:00 status unpacked libkadm55 1.6.dfsg.4~beta1-5lenny6
2010-12-12 23:36:00 status unpacked libkadm55 1.6.dfsg.4~beta1-5lenny6
2010-12-12 23:36:00 upgrade libkrb53 1.6.dfsg.4~beta1-5lenny4 1.6.dfsg.4~beta1-5lenny6
2010-12-12 23:36:00 status half-configured libkrb53 1.6.dfsg.4~beta1-5lenny4
2010-12-12 23:36:00 status unpacked libkrb53 1.6.dfsg.4~beta1-5lenny4
2010-12-12 23:36:00 status half-installed libkrb53 1.6.dfsg.4~beta1-5lenny4
2010-12-12 23:36:00 status half-installed libkrb53 1.6.dfsg.4~beta1-5lenny4
2010-12-12 23:36:00 status unpacked libkrb53 1.6.dfsg.4~beta1-5lenny6
2010-12-12 23:36:00 status unpacked libkrb53 1.6.dfsg.4~beta1-5lenny6
2010-12-12 23:36:00 upgrade libxml2 2.6.32.dfsg-5+lenny1 2.6.32.dfsg-5+lenny2
2010-12-12 23:36:00 status half-configured libxml2 2.6.32.dfsg-5+lenny1
2010-12-12 23:36:00 status unpacked libxml2 2.6.32.dfsg-5+lenny1
2010-12-12 23:36:00 status half-installed libxml2 2.6.32.dfsg-5+lenny1
2010-12-12 23:36:00 status half-installed libxml2 2.6.32.dfsg-5+lenny1
2010-12-12 23:36:01 status unpacked libxml2 2.6.32.dfsg-5+lenny2
2010-12-12 23:36:01 status unpacked libxml2 2.6.32.dfsg-5+lenny2
2010-12-12 23:36:01 upgrade bind9-doc 1:9.6.ESV.R1+dfsg-0+lenny2 1:9.6.ESV.R3+dfsg-0+lenny1
2010-12-12 23:36:01 status half-configured bind9-doc 1:9.6.ESV.R1+dfsg-0+lenny2
2010-12-12 23:36:01 status unpacked bind9-doc 1:9.6.ESV.R1+dfsg-0+lenny2
2010-12-12 23:36:01 status half-installed bind9-doc 1:9.6.ESV.R1+dfsg-0+lenny2
2010-12-12 23:36:01 status half-installed bind9-doc 1:9.6.ESV.R1+dfsg-0+lenny2
2010-12-12 23:36:01 status unpacked bind9-doc 1:9.6.ESV.R3+dfsg-0+lenny1
2010-12-12 23:36:01 status unpacked bind9-doc 1:9.6.ESV.R3+dfsg-0+lenny1
2010-12-12 23:36:01 upgrade dpkg-dev 1.14.29 1.14.30
2010-12-12 23:36:01 status half-configured dpkg-dev 1.14.29
2010-12-12 23:36:01 status unpacked dpkg-dev 1.14.29
2010-12-12 23:36:01 status half-installed dpkg-dev 1.14.29
2010-12-12 23:36:01 status half-installed dpkg-dev 1.14.29
2010-12-12 23:36:01 status half-installed dpkg-dev 1.14.29
2010-12-12 23:36:01 status unpacked dpkg-dev 1.14.30
2010-12-12 23:36:01 status unpacked dpkg-dev 1.14.30
2010-12-12 23:36:01 upgrade dselect 1.14.29+b1 1.14.30
2010-12-12 23:36:01 status half-configured dselect 1.14.29+b1
2010-12-12 23:36:01 status unpacked dselect 1.14.29+b1
2010-12-12 23:36:01 status half-installed dselect 1.14.29+b1
2010-12-12 23:36:01 status half-installed dselect 1.14.29+b1
2010-12-12 23:36:01 status half-installed dselect 1.14.29+b1
2010-12-12 23:36:01 status unpacked dselect 1.14.30
2010-12-12 23:36:01 status unpacked dselect 1.14.30
2010-12-12 23:36:02 upgrade linux-libc-dev 2.6.26-25lenny1 2.6.26-26lenny1
2010-12-12 23:36:02 status half-configured linux-libc-dev 2.6.26-25lenny1
2010-12-12 23:36:02 status unpacked linux-libc-dev 2.6.26-25lenny1
2010-12-12 23:36:02 status half-installed linux-libc-dev 2.6.26-25lenny1
2010-12-12 23:36:02 status half-installed linux-libc-dev 2.6.26-25lenny1
2010-12-12 23:36:02 status unpacked linux-libc-dev 2.6.26-26lenny1
2010-12-12 23:36:02 status unpacked linux-libc-dev 2.6.26-26lenny1
2010-12-12 23:36:02 upgrade openssl 0.9.8g-15+lenny8 0.9.8g-15+lenny9
2010-12-12 23:36:02 status half-configured openssl 0.9.8g-15+lenny8
2010-12-12 23:36:02 status unpacked openssl 0.9.8g-15+lenny8
2010-12-12 23:36:02 status half-installed openssl 0.9.8g-15+lenny8
2010-12-12 23:36:02 status half-installed openssl 0.9.8g-15+lenny8
2010-12-12 23:36:02 status half-installed openssl 0.9.8g-15+lenny8
2010-12-12 23:36:02 status unpacked openssl 0.9.8g-15+lenny9
2010-12-12 23:36:02 status unpacked openssl 0.9.8g-15+lenny9
2010-12-12 23:36:03 upgrade liblwres50 1:9.6.ESV.R1+dfsg-0+lenny2 1:9.6.ESV.R3+dfsg-0+lenny1
2010-12-12 23:36:03 status half-configured liblwres50 1:9.6.ESV.R1+dfsg-0+lenny2
2010-12-12 23:36:03 status unpacked liblwres50 1:9.6.ESV.R1+dfsg-0+lenny2
2010-12-12 23:36:03 status half-installed liblwres50 1:9.6.ESV.R1+dfsg-0+lenny2
2010-12-12 23:36:03 status half-installed liblwres50 1:9.6.ESV.R1+dfsg-0+lenny2
2010-12-12 23:36:03 status unpacked liblwres50 1:9.6.ESV.R3+dfsg-0+lenny1
2010-12-12 23:36:03 status unpacked liblwres50 1:9.6.ESV.R3+dfsg-0+lenny1
2010-12-12 23:36:03 trigproc man-db 2.5.2-4 2.5.2-4
2010-12-12 23:36:03 status half-configured man-db 2.5.2-4
2010-12-12 23:36:04 status installed man-db 2.5.2-4
2010-12-12 23:36:07 startup packages configure
2010-12-12 23:36:07 configure linux-image-2.6.26-2-486 2.6.26-26lenny1 2.6.26-26lenny1
2010-12-12 23:36:07 status unpacked linux-image-2.6.26-2-486 2.6.26-26lenny1
2010-12-12 23:36:09 status half-configured linux-image-2.6.26-2-486 2.6.26-26lenny1
2010-12-12 23:36:20 status installed linux-image-2.6.26-2-486 2.6.26-26lenny1
2010-12-12 23:36:20 configure linux-image-2.6.26-2-686 2.6.26-26lenny1 2.6.26-26lenny1
2010-12-12 23:36:20 status unpacked linux-image-2.6.26-2-686 2.6.26-26lenny1
2010-12-12 23:36:20 status half-configured linux-image-2.6.26-2-686 2.6.26-26lenny1
2010-12-12 23:36:28 status installed linux-image-2.6.26-2-686 2.6.26-26lenny1
2010-12-12 23:36:28 configure libssl0.9.8 0.9.8g-15+lenny9 0.9.8g-15+lenny9
2010-12-12 23:36:28 status unpacked libssl0.9.8 0.9.8g-15+lenny9
2010-12-12 23:36:28 status half-configured libssl0.9.8 0.9.8g-15+lenny9
2010-12-12 23:36:29 status installed libssl0.9.8 0.9.8g-15+lenny9
2010-12-12 23:36:29 configure libssl-dev 0.9.8g-15+lenny9 0.9.8g-15+lenny9
2010-12-12 23:36:29 status unpacked libssl-dev 0.9.8g-15+lenny9
2010-12-12 23:36:29 status half-configured libssl-dev 0.9.8g-15+lenny9
2010-12-12 23:36:29 status installed libssl-dev 0.9.8g-15+lenny9
2010-12-12 23:36:29 configure libkrb53 1.6.dfsg.4~beta1-5lenny6 1.6.dfsg.4~beta1-5lenny6
2010-12-12 23:36:29 status unpacked libkrb53 1.6.dfsg.4~beta1-5lenny6
2010-12-12 23:36:29 status half-configured libkrb53 1.6.dfsg.4~beta1-5lenny6
2010-12-12 23:36:29 status installed libkrb53 1.6.dfsg.4~beta1-5lenny6
2010-12-12 23:36:29 configure libkadm55 1.6.dfsg.4~beta1-5lenny6 1.6.dfsg.4~beta1-5lenny6
2010-12-12 23:36:29 status unpacked libkadm55 1.6.dfsg.4~beta1-5lenny6
2010-12-12 23:36:29 status half-configured libkadm55 1.6.dfsg.4~beta1-5lenny6
2010-12-12 23:36:29 status installed libkadm55 1.6.dfsg.4~beta1-5lenny6
2010-12-12 23:36:30 configure libkrb5-dev 1.6.dfsg.4~beta1-5lenny6 1.6.dfsg.4~beta1-5lenny6
2010-12-12 23:36:30 status unpacked libkrb5-dev 1.6.dfsg.4~beta1-5lenny6
2010-12-12 23:36:30 status half-configured libkrb5-dev 1.6.dfsg.4~beta1-5lenny6
2010-12-12 23:36:30 status installed libkrb5-dev 1.6.dfsg.4~beta1-5lenny6
2010-12-12 23:36:30 configure libxml2 2.6.32.dfsg-5+lenny2 2.6.32.dfsg-5+lenny2
2010-12-12 23:36:30 status unpacked libxml2 2.6.32.dfsg-5+lenny2
2010-12-12 23:36:30 status half-configured libxml2 2.6.32.dfsg-5+lenny2
2010-12-12 23:36:30 status installed libxml2 2.6.32.dfsg-5+lenny2
2010-12-12 23:36:30 configure bind9-doc 1:9.6.ESV.R3+dfsg-0+lenny1 1:9.6.ESV.R3+dfsg-0+lenny1
2010-12-12 23:36:30 status unpacked bind9-doc 1:9.6.ESV.R3+dfsg-0+lenny1
2010-12-12 23:36:30 status half-configured bind9-doc 1:9.6.ESV.R3+dfsg-0+lenny1
2010-12-12 23:36:30 status installed bind9-doc 1:9.6.ESV.R3+dfsg-0+lenny1
2010-12-12 23:36:30 configure dpkg-dev 1.14.30 1.14.30
2010-12-12 23:36:30 status unpacked dpkg-dev 1.14.30
2010-12-12 23:36:30 status unpacked dpkg-dev 1.14.30
2010-12-12 23:36:30 status unpacked dpkg-dev 1.14.30
2010-12-12 23:36:30 status half-configured dpkg-dev 1.14.30
2010-12-12 23:36:30 status installed dpkg-dev 1.14.30
2010-12-12 23:36:30 configure dselect 1.14.30 1.14.30
2010-12-12 23:36:30 status unpacked dselect 1.14.30
2010-12-12 23:36:30 status unpacked dselect 1.14.30
2010-12-12 23:36:30 status half-configured dselect 1.14.30
2010-12-12 23:36:30 status installed dselect 1.14.30
2010-12-12 23:36:30 configure linux-libc-dev 2.6.26-26lenny1 2.6.26-26lenny1
2010-12-12 23:36:30 status unpacked linux-libc-dev 2.6.26-26lenny1
2010-12-12 23:36:30 status half-configured linux-libc-dev 2.6.26-26lenny1
2010-12-12 23:36:30 status installed linux-libc-dev 2.6.26-26lenny1
2010-12-12 23:36:30 configure openssl 0.9.8g-15+lenny9 0.9.8g-15+lenny9
2010-12-12 23:36:30 status unpacked openssl 0.9.8g-15+lenny9
2010-12-12 23:36:30 status unpacked openssl 0.9.8g-15+lenny9
2010-12-12 23:36:30 status half-configured openssl 0.9.8g-15+lenny9
2010-12-12 23:36:30 status installed openssl 0.9.8g-15+lenny9
2010-12-12 23:36:30 configure liblwres50 1:9.6.ESV.R3+dfsg-0+lenny1 1:9.6.ESV.R3+dfsg-0+lenny1
2010-12-12 23:36:30 status unpacked liblwres50 1:9.6.ESV.R3+dfsg-0+lenny1
2010-12-12 23:36:30 status half-configured liblwres50 1:9.6.ESV.R3+dfsg-0+lenny1
2010-12-12 23:36:30 status installed liblwres50 1:9.6.ESV.R3+dfsg-0+lenny1


--
To UNSUBSCRIBE, email to [hidden email]
with a subject of "unsubscribe". Trouble? Contact [hidden email]
Archive: http://lists.debian.org/Pine.LNX.4.64.1012131005250.16481@...

Reply | Threaded
Open this post in threaded view
|

Re: Bind security announce

Account for Debian group mail
In reply to this post by Account for Debian group mail


Well I waited to see if someone came our with a solution to this problem,
none seen. So I'm updating another machine, here is what "dselect" is
showing me:


  *** Req admin    base-files   5lenny7     5lenny8     Debian base system miscellaneous files
  *** Req admin    dpkg         1.14.29+b1  1.14.30     Debian package management system
     ....... Updated Required packages in section libs .......
  *** Req libs     libc6        2.7-18lenny 2.7-18lenny GNU C Library: Shared libraries
  *** Req libs     tzdata       2010j-0lenn 2010o-0lenn time zone and daylight-saving time data
     ..... Updated Important packages .....
     ....... Updated Important packages in section libs .......
  *** Imp libs     libssl0.9.8  0.9.8g-15+l 0.9.8g-15+l SSL shared libraries
     ..... Updated Standard packages .....
     ....... Updated Standard packages in section libs .......
  *** Std libs     libbind9-50  1:9.6.ESV.R 1:9.6.ESV.R BIND9 Shared Library used by BIND
  *** Std libs     libisccc50   1:9.6.ESV.R 1:9.6.ESV.R Command Channel Library used by BIND
  *** Std libs     libisccfg50  1:9.6.ESV.R 1:9.6.ESV.R Config File Handling Library used by BIND
  *** Std libs     libkrb53     1.6.dfsg.4~ 1.6.dfsg.4~ MIT Kerberos runtime libraries
  *** Std libs     liblwres50   1:9.6.ESV.R 1:9.6.ESV.R Lightweight Resolver Library used by BIND
  *** Std libs     libxml2      2.6.32.dfsg 2.6.32.dfsg GNOME XML library
  *** Std libs     locales      2.7-18lenny 2.7-18lenny GNU C Library: National Language (locale) data [support]
     ....... Updated Standard packages in section net .......
  *** Std net      bind9-host   1:9.6.ESV.R 1:9.6.ESV.R Version of 'host' bundled with BIND 9.X
  *** Std net      dnsutils     1:9.6.ESV.R 1:9.6.ESV.R Clients provided with BIND

     ..... Updated Optional packages .....
     ....... Updated Optional packages in section admin .......
  *** Opt admin    dselect      1.14.29+b1  1.14.30     Debian package management front-end
  *** Opt admin    linux-image- 2.6.26-25le 2.6.26-26le Linux 2.6.26 image on PPro/Celeron/PII/PIII/P4
     ....... Updated Optional packages in section devel .......
  *** Opt devel    linux-libc-d 2.6.26-25le 2.6.26-26le Linux support headers for userspace development
     ....... Updated Optional packages in section doc .......
  *** Opt doc      bind9-doc    1:9.6.ESV.R 1:9.6.ESV.R Documentation for BIND
  *** Opt doc      krb5-doc     1.6.dfsg.4~ 1.6.dfsg.4~ Documentation for MIT Kerberos
  *** Opt doc      postgresql-d 8.3.11-0len 8.3.12-0len documentation for the PostgreSQL database management system
  *** Opt doc      postgresql-d 8.3.11-0len 8.3.12-0len documentation for the PostgreSQL database management system
     ....... Updated Optional packages in section libdevel .......
  *** Opt libdevel libc6-dev    2.7-18lenny 2.7-18lenny GNU C Library: Development Libraries and Header Files
  *** Opt libdevel libc6-dev-am 2.7-18lenny 2.7-18lenny GNU C Library: 64bit Development Libraries for AMD64
  *** Opt libdevel libfreetype6 2.3.7-2+len 2.3.7-2+len FreeType 2 font engine, development files
  *** Opt libdevel libssl-dev   0.9.8g-15+l 0.9.8g-15+l SSL development libraries, header files and documentation
  *** Opt libdevel libxml2-dev  2.6.32.dfsg 2.6.32.dfsg Development files for the GNOME XML library
     ....... Updated Optional packages in section libs .......
  *** Opt libs     libaprutil1  1.2.12+dfsg 1.2.12+dfsg The Apache Portable Runtime Utility Library
  *** Opt libs     libc6-amd64  2.7-18lenny 2.7-18lenny GNU C Library: 64bit Shared libraries for AMD64
  *** Opt libs     libfreetype6 2.3.7-2+len 2.3.7-2+len FreeType 2 font engine, shared library files
  *** Opt libs     libkadm55    1.6.dfsg.4~ 1.6.dfsg.4~ MIT Kerberos administration runtime libraries
  *** Opt libs     libpq5       8.3.11-0len 8.3.12-0len PostgreSQL C client library
     ....... Updated Optional packages in section misc .......
  *** Opt misc     postgresql-c 8.3.11-0len 8.3.12-0len front-end programs for PostgreSQL (supported version)
  *** Opt misc     postgresql-c 8.3.11-0len 8.3.12-0len front-end programs for PostgreSQL 8.3
     ....... Updated Optional packages in section net .......
  *** Opt net      bind9        1:9.6.ESV.R 1:9.6.ESV.R Internet Domain Name Server
  *** Opt net      bind9utils   1:9.6.ESV.R 1:9.6.ESV.R Utilities for BIND
     ....... Updated Optional packages in section utils .......
  *** Opt utils    dpkg-dev     1.14.29     1.14.30     Debian package development tools
  *** Opt utils    openssl      0.9.8g-15+l 0.9.8g-15+l Secure Socket Layer (SSL) binary and related cryptographic tools
     ..... Updated Extra packages .....
     ....... Updated Extra packages in section libdevel .......
  *** Xtr libdevel libkrb5-dev  1.6.dfsg.4~ 1.6.dfsg.4~ Headers and development libraries for MIT Kerberos
     ....... Updated Extra packages in section libs .......
  *** Xtr libs     libc6-i686   2.7-18lenny 2.7-18lenny GNU C Library: Shared libraries [i686 optimized]

OK as you can see it is going to update bind9 and bind9utils along with
other libaries needed for bind9. So let's do the update:


Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages will be REMOVED
   bind9 bind9-host bind9utils dnsutils libbind9-50 libisccfg50
The following packages will be upgraded:
   base-files bind9-doc dpkg dpkg-dev dselect krb5-doc libaprutil1 libc6
libc6-amd64 libc6-dev libc6-dev-amd64 libc6-i686
   libfreetype6 libfreetype6-dev libkadm55 libkrb5-dev libkrb53 liblwres50
libpq5 libssl-dev libssl0.9.8 libxml2 libxml2-dev
   linux-image-2.6.26-2-686 linux-libc-dev locales openssl
postgresql-client postgresql-client-8.3 postgresql-doc
   postgresql-doc-8.3 tzdata
32 upgraded, 0 newly installed, 6 to remove and 1 not upgraded.
Need to get 62.6MB of archives.
After this operation, 5464kB of additional disk space will be used.
Do you want to continue [Y/n]?

Look at this! it wants to REMOVE "bind9 bind9-host bind9utils dnsutils
libbind9-50 libisccfg50".

What is going wrong here?

Thanks,

Ken






On Mon, 13 Dec 2010, Account for Debian group mail wrote:

> On Fri, 10 Dec 2010, Florian Weimer wrote:
>
>> * Debian security:
>>
>>> Is there any plan to upgrade the bind version in debian to 9.6-ESV-R3
>>> which correct the bugs?
>>
>> There was a technical issue with the update process, which has been
>> resolved now.  Updates will be released in due course.
>
>
> Hello,
>
> I did the security upgraded on one of my DNS servers running bind9 on a Lenny
> platform and it removed bind9 all together. I had to go in and reinstall
> bind9. I did this last night.
>
> Ken
>
>
> --
> To UNSUBSCRIBE, email to [hidden email]
> with a subject of "unsubscribe". Trouble? Contact [hidden email]
> Archive:
> http://lists.debian.org/Pine.LNX.4.64.1012130825280.16481@...
>


--
To UNSUBSCRIBE, email to [hidden email]
with a subject of "unsubscribe". Trouble? Contact [hidden email]
Archive: http://lists.debian.org/Pine.LNX.4.64.1012281824210.17878@...

Reply | Threaded
Open this post in threaded view
|

Re: Bind security announce

Carlos Alberto Lopez Perez
On 12/29/2010 03:34 AM, Account for Debian group mail wrote:

> Reading package lists... Done
> Building dependency tree
> Reading state information... Done
> The following packages will be REMOVED
>   bind9 bind9-host bind9utils dnsutils libbind9-50 libisccfg50
> The following packages will be upgraded:
>   base-files bind9-doc dpkg dpkg-dev dselect krb5-doc libaprutil1 libc6
> libc6-amd64 libc6-dev libc6-dev-amd64 libc6-i686
>   libfreetype6 libfreetype6-dev libkadm55 libkrb5-dev libkrb53 liblwres50
> libpq5 libssl-dev libssl0.9.8 libxml2 libxml2-dev
>   linux-image-2.6.26-2-686 linux-libc-dev locales openssl postgresql-client
> postgresql-client-8.3 postgresql-doc
>   postgresql-doc-8.3 tzdata
> 32 upgraded, 0 newly installed, 6 to remove and 1 not upgraded.
> Need to get 62.6MB of archives.
> After this operation, 5464kB of additional disk space will be used.
> Do you want to continue [Y/n]?
>
> Look at this! it wants to REMOVE "bind9 bind9-host bind9utils dnsutils
> libbind9-50 libisccfg50".
>
> What is going wrong here?
>
Try to use aptitude, it makes smarter decisions when solving package
dependencies than apt/dselect

# aptitude update && aptitude safe-upgrade


signature.asc (270 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Bind security announce

Account for Debian group mail
On Wed, 29 Dec 2010, Carlos Alberto Lopez Perez wrote:

> On 12/29/2010 03:34 AM, Account for Debian group mail wrote:
>> Reading package lists... Done
>> Building dependency tree
>> Reading state information... Done
>> The following packages will be REMOVED
>>   bind9 bind9-host bind9utils dnsutils libbind9-50 libisccfg50
>> The following packages will be upgraded:
>>   base-files bind9-doc dpkg dpkg-dev dselect krb5-doc libaprutil1 libc6
>> libc6-amd64 libc6-dev libc6-dev-amd64 libc6-i686
>>   libfreetype6 libfreetype6-dev libkadm55 libkrb5-dev libkrb53 liblwres50
>> libpq5 libssl-dev libssl0.9.8 libxml2 libxml2-dev
>>   linux-image-2.6.26-2-686 linux-libc-dev locales openssl postgresql-client
>> postgresql-client-8.3 postgresql-doc
>>   postgresql-doc-8.3 tzdata
>> 32 upgraded, 0 newly installed, 6 to remove and 1 not upgraded.
>> Need to get 62.6MB of archives.
>> After this operation, 5464kB of additional disk space will be used.
>> Do you want to continue [Y/n]?
>>
>> Look at this! it wants to REMOVE "bind9 bind9-host bind9utils dnsutils
>> libbind9-50 libisccfg50".
>>
>> What is going wrong here?
>>
>
> Try to use aptitude, it makes smarter decisions when solving package
> dependencies than apt/dselect
>
> # aptitude update && aptitude safe-upgrade

Are you saying that dselect is no longer usefull on doing security
upgrades? I've been using dselect for over 15 years doing just that. The
only time I've used aptitude is for doing major version upgrades. If there
is a problem with dselect let's get it fixed or remove it from use.

Thanks,

Ken


--
To UNSUBSCRIBE, email to [hidden email]
with a subject of "unsubscribe". Trouble? Contact [hidden email]
Archive: http://lists.debian.org/Pine.LNX.4.64.1012300435290.26158@...

Reply | Threaded
Open this post in threaded view
|

Re: Bind security announce

Carlos Alberto Lopez Perez
On 12/30/2010 01:40 PM, Account for Debian group mail wrote:
>
> Are you saying that dselect is no longer usefull on doing security
> upgrades? I've been using dselect for over 15 years doing just that. The
> only time I've used aptitude is for doing major version upgrades. If there
> is a problem with dselect let's get it fixed or remove it from use.

No, I am simply saying that aptitude simply solves better the dependencies
than dselect [1], so, if you have problems because dselect is choosing a
solution that you don't like when solving package dependencies then give a
try to aptitude.


[1]
I was attacked by dselect as a small child and have since avoided debian. –
Andrew Morton  http://en.wikipedia.org/wiki/Dselect
http://www.debian.org/doc/FAQ/ch-uptodate.en.html


signature.asc (270 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Bind security announce

Adam D. Barratt
In reply to this post by Account for Debian group mail
On Tue, 2010-12-28 at 18:34 -0800, Account for Debian group mail wrote:
>
> Well I waited to see if someone came our with a solution to this problem,
> none seen. So I'm updating another machine, here is what "dselect" is
> showing me:

What that output doesn't include, which it should, is that there should
be two *new* packages to install - namely libdns58 and libisc50; were
those mentioned at any point in the process of selecting the updated
bind9 packages for installation?

[...]
> OK as you can see it is going to update bind9 and bind9utils along with
> other libaries needed for bind9. So let's do the update:
[...]
> The following packages will be upgraded:
[package list including liblwres50]
> The following packages will be REMOVED
>    bind9 bind9-host bind9utils dnsutils libbind9-50 libisccfg50
> The following packages will be upgraded:
[...]
> 32 upgraded, 0 newly installed, 6 to remove and 1 not upgraded.

The last line looks odd, given that there should be two newly installed
packages (see above).  The fact that liblwres50 manages to get upgraded
and the lack of the new packages being installed suggests that dselect
has been told that it may not install the new packages and the conflict
between that and being asked to upgrade packages which depend on the new
packages has been "solved" by removing the "problem" packages.

It's been a long time since I've used dselect so I may have
misremembered the proposals it would make in this case.  I would
certainly have expected it to prompt for the installation of libdns58
and libisc50 though.

Regards,

Adam


--
To UNSUBSCRIBE, email to [hidden email]
with a subject of "unsubscribe". Trouble? Contact [hidden email]
Archive: http://lists.debian.org/1293735458.3190.200.camel@...

Reply | Threaded
Open this post in threaded view
|

Re: Bind security announce

Jim Popovitch-2
On Thu, Dec 30, 2010 at 13:57, Adam D. Barratt <[hidden email]> wrote:

> On Tue, 2010-12-28 at 18:34 -0800, Account for Debian group mail wrote:
>>
>> Well I waited to see if someone came our with a solution to this problem,
>> none seen. So I'm updating another machine, here is what "dselect" is
>> showing me:
>
> What that output doesn't include, which it should, is that there should
> be two *new* packages to install - namely libdns58 and libisc50; were
> those mentioned at any point in the process of selecting the updated
> bind9 packages for installation?

I used dselect to do the bind libs updates.   The dependency mismatch
was handled by dselect, and I had to approve what appeared a downgrade
to libisc/dns.  I really don't remember why, but my thought at the
time was that I needed to find a way to purge all libdns and libisc
packages because I don't run bind and only need dig/host/nslookup
functionality on those boxes.

Seriously though, dnsutils needs some overhaul and cleanup

-Jim P.


--
To UNSUBSCRIBE, email to [hidden email]
with a subject of "unsubscribe". Trouble? Contact [hidden email]
Archive: http://lists.debian.org/AANLkTinwAN1Re0V12thi6B_uoMogGBHg3YEkJt2cJKe8@...

Reply | Threaded
Open this post in threaded view
|

Re: Bind security announce

Jim Popovitch-2
On Thu, Dec 30, 2010 at 14:07, Jim Popovitch <[hidden email]> wrote:

> On Thu, Dec 30, 2010 at 13:57, Adam D. Barratt <[hidden email]> wrote:
>> On Tue, 2010-12-28 at 18:34 -0800, Account for Debian group mail wrote:
>>>
>>> Well I waited to see if someone came our with a solution to this problem,
>>> none seen. So I'm updating another machine, here is what "dselect" is
>>> showing me:
>>
>> What that output doesn't include, which it should, is that there should
>> be two *new* packages to install - namely libdns58 and libisc50; were
>> those mentioned at any point in the process of selecting the updated
>> bind9 packages for installation?
>
> I used dselect to do the bind libs updates.   The dependency mismatch
> was handled by dselect, and I had to approve what appeared a downgrade
> to libisc/dns.  I really don't remember why, but my thought at the
> time was that I needed to find a way to purge all libdns and libisc
> packages because I don't run bind and only need dig/host/nslookup
> functionality on those boxes.
>
> Seriously though, dnsutils needs some overhaul and cleanup

Further, it's worth pointing out that after the bind libs update, the
libbind9-40* libdns45* libisc45* libisccc40* libisccfg40* liblwres40*
libs were not removed by a simple apt-get autoremove.


-Jim P.


--
To UNSUBSCRIBE, email to [hidden email]
with a subject of "unsubscribe". Trouble? Contact [hidden email]
Archive: http://lists.debian.org/AANLkTikHytLTo1z82JgvqtgCvjw0ZHf8vdPtok3awjT_@...

Reply | Threaded
Open this post in threaded view
|

Re: Bind security announce

Adam D. Barratt
In reply to this post by Jim Popovitch-2
On Thu, 2010-12-30 at 14:07 -0500, Jim Popovitch wrote:
> I used dselect to do the bind libs updates.   The dependency mismatch
> was handled by dselect, and I had to approve what appeared a downgrade
> to libisc/dns.

I'm guessing this was the package name change from libisc52 to libisc50;
largely, the package name should not have reached libisc52, as the
soname was still 50, and that has now been corrected (see also #584585).

libdns otoh should have been an "upgrade" from libdns55 to libdns58.

Regards,

Adam


--
To UNSUBSCRIBE, email to [hidden email]
with a subject of "unsubscribe". Trouble? Contact [hidden email]
Archive: http://lists.debian.org/1293736881.3190.307.camel@...

Reply | Threaded
Open this post in threaded view
|

Re: Bind security announce

Account for Debian group mail


Adam,

Adding libdns58 and libisc50 solved the problem. Here is the dselect
output:

Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages will be REMOVED
   libdns55 libisc52
The following NEW packages will be installed
   libdns58 libisc50
The following packages will be upgraded:
   apache2-doc apache2-mpm-prefork apache2-utils apache2.2-common base-files bind9 bind9-doc bind9-host bind9utils dnsutils
   dpkg dpkg-dev dselect krb5-doc libaprutil1 libbind9-50 libc6 libc6-amd64 libc6-dev libc6-dev-amd64 libc6-i686 libfreetype6
   libfreetype6-dev libisccc50 libisccfg50 libkadm55 libkrb5-dev libkrb53 liblwres50 libpq5 libssl-dev libssl0.9.8 libxml2
   libxml2-dev linux-image-2.6.26-2-686 linux-libc-dev locales openssl phpmyadmin postgresql-client postgresql-client-8.3
   postgresql-doc postgresql-doc-8.3 tzdata44 upgraded, 2 newly installed, 2 to remove and 0 not upgraded.
Need to get 70.2MB of archives.
After this operation, 7479kB of additional disk space will be used.
Do you want to continue [Y/n]?

So there needs to be a correction in the file so it know to add the new
files libdns58 and libisc50.

Thanks,

Ken



On Thu, 30 Dec 2010, Adam D. Barratt wrote:

> On Thu, 2010-12-30 at 14:07 -0500, Jim Popovitch wrote:
>> I used dselect to do the bind libs updates.   The dependency mismatch
>> was handled by dselect, and I had to approve what appeared a downgrade
>> to libisc/dns.
>
> I'm guessing this was the package name change from libisc52 to libisc50;
> largely, the package name should not have reached libisc52, as the
> soname was still 50, and that has now been corrected (see also #584585).
>
> libdns otoh should have been an "upgrade" from libdns55 to libdns58.
>
> Regards,
>
> Adam
>
>
> --
> To UNSUBSCRIBE, email to [hidden email]
> with a subject of "unsubscribe". Trouble? Contact [hidden email]
> Archive: http://lists.debian.org/1293736881.3190.307.camel@...
>


--
To UNSUBSCRIBE, email to [hidden email]
with a subject of "unsubscribe". Trouble? Contact [hidden email]
Archive: http://lists.debian.org/Pine.LNX.4.64.1101061349110.5233@...