Hi On Thu, Apr 20, 2017 at 03:42:13PM +0300, Adrian Minta wrote: > Hi, > one of my servers crashed twice in the last 24 hours: > > Apr 20 14:51:22 SRV named[37412]: resolver.c:4350: INSIST(fctx->type == > ((dns_rdatatype_t)dns_rdatatype_any) || fctx->type == ((dns_rda > tatype_t)dns_rdatatype_rrsig) || fctx->type == > ((dns_rdatatype_t)dns_rdatatype_sig)) failed, back trace > Apr 20 14:51:22 SRV named[37412]: #0 0x7f9bde355a00 in ?? > Apr 20 14:51:22 SRV named[37412]: #1 0x7f9bdc5318ea in ?? > Apr 20 14:51:22 SRV named[37412]: #2 0x7f9bddc1714e in ?? > Apr 20 14:51:22 SRV named[37412]: #3 0x7f9bdc553d5b in ?? > Apr 20 14:51:22 SRV named[37412]: #4 0x7f9bdbf04064 in ?? > Apr 20 14:51:22 SRV named[37412]: #5 0x7f9bdb8d262d in ?? > Apr 20 14:51:22 SRV named[37412]: exiting (due to assertion failure) > > I suspect CVE-2017-3137 for this: > https://security-tracker.debian.org/tracker/CVE-2017-3137 > > # dpkg -l | grep bind9 > ii bind9 1:9.9.5.dfsg-9+deb8u10 amd64 Internet Domain > Name Server > ii bind9-host 1:9.9.5.dfsg-9+deb8u10 amd64 Version of > 'host' bundled with BIND 9.X > ii bind9utils 1:9.9.5.dfsg-9+deb8u10 amd64 Utilities for > BIND > ii libbind9-90 1:9.9.5.dfsg-9+deb8u10 amd64 BIND9 Shared > Library used by BIND > > > Any info or workaround for this vulnerability ?
If possible test the test packages at https://people.debian.org/~carnil/tmp/bind9/ Regards, Salvatore
