TITLE:  SSRT1-66U_V4_0F Tru64 V4.0F Potential Security Issues in BIND ECO Summary

IMPACT: Multiple Potential Security Issues in BIND  
        (X-REF: CERT CA-2000-20 & CERT CA-2001-02 )

  Versions Affected:   Compaq Tru64 UNIX  V4.0d, V4.0f, V4.0g,
                                    V5.0, V5.0a, V5.1 
  Versions Not Affected:   TCP/IP Services for Compaq OpenVMS 

A number of potential security vulnerabilities have recently been 
discovered for BIND released with Tru64 UNIX, where under certain 
circumstances, system integrity may be compromised.

This advisory provides solution information for 6 (six) issues 
spanning multiple versions of BIND 8.* and BIND 4.*

This patch fixes problems reported by CERT CA-2001-02. 

The named version number is
4.9.3-P1-plus-CA-98.05-patches-plus-CA-2001-02

Installation Instructions:
--------------------------
As superuser: (assume patch files are in /tmp)

        cp -p /usr/sbin/named /usr/sbin/named_orig
        cp ./named /usr/sbin/named
        chmod 0755 /usr/sbin/named
        chown bin:bin /usr/sbin/named
        
        cp -p /sbin/named /sbin/named_orig
        cp ./named_sbin /sbin/named
        chmod 0755 /sbin/named
        chown bin:bin /sbin/named

        
Stop and start named for the change to take effect.

	/sbin/init.d/named stop
	/sbin/init.d/named start