servfail-ttl 0; option in the named.conf global section is crashing the named (BIND 9.10.6)

Mark Andrews marka at isc.org
Mon Mar 5 06:21:06 UTC 2018


> On 5 Mar 2018, at 4:50 pm, Nagesh Thati <tcpnagesh at gmail.com> wrote:
> 
> Hello,
> 
> I have added a servfail-ttl 0; parameter to the global section of the named.conf file and restarted named, but named is not coming up and I don't see any errors printed in named.log. When I run named-checkconf on named.conf, it gives the error UNKNOWN OPTION servfail-ttl. The version I am using is the BIND 9.10.6 stable build. Can someone help me with this?
> Thanks.
> 
> To fix this bug I have added the above parameter: CVE-2018-5734: A malformed request can trigger an assertion failure in badcache.c

CVE-2018-5734 does not apply to BIND 9.10.6 (which doesn’t have a servfail-ttl option).

CVE-2018-5734 applies to BIND 9.10.5-S1 to 9.10.5-S4, BIND 9.10.6-S1, 9.10.6-S2 (these versions have servfail-ttl as an option).

"named -v" will report which version of named you are running.

e.g.
% named -v
BIND 9.10.6 <id:9d1ea0b7fe>
% 

Parsing error messages will be logged in the system log, as named has not yet got far enough into the startup process to know to log the messages elsewhere.

Mark


-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742              INTERNET: marka at isc.org
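
The version check described in the reply above, as an added example that is not part of the original post: a small shell script that classifies a `named -v` line against the affected versions listed in that reply. The function names and the status words are assumptions made for this example, and the version list is copied only from the reply.

```shell
#!/bin/sh
# Added example (not from the original thread): classify `named -v` output
# against the CVE-2018-5734 version list given in the reply above.

# Extract the version token, e.g. "9.10.6" or "9.10.6-S1", from a line such as
# "BIND 9.10.6 <id:9d1ea0b7fe>". Prints nothing if the line does not parse.
bind_version() {
    printf '%s\n' "$1" |
        sed -n 's/^BIND \([0-9][0-9A-Za-z.-]*\).*/\1/p' |
        head -n 1
}

# Print one of (status words are this example's own):
#   affected   - version is in the list from the reply
#   not-listed - version parsed but is not in that list
#   unparsed   - input did not look like `named -v` output
cve_2018_5734_status() {
    ver=$(bind_version "$1")
    case "$ver" in
        '')
            echo unparsed ;;
        9.10.5-S[1-4]|9.10.6-S1|9.10.6-S2)
            # Per the reply, these are also the builds that accept servfail-ttl.
            echo affected ;;
        *)
            echo not-listed ;;
    esac
}

# Usage: sh check.sh "$(named -v)"
# With no argument, fall back to the sample line quoted in the reply.
line=${1:-'BIND 9.10.6 <id:9d1ea0b7fe>'}
echo "$line -> $(cve_2018_5734_status "$line")"
```

A `not-listed` result for plain 9.10.6 matches the reply: that build neither has the servfail-ttl option nor appears in the affected list, so named-checkconf rejecting the option is expected there.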


