LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Sponsored link

Vyatta – Linux & Open Source Alternative to Cisco – Advanced Routing, Firewall, VPN, QoS..
Free Download ->

Recent Features

LK2008: The values of the Linux community

LWN.net Weekly Edition for October 9, 2008

Plugging into GCC

LWN.net Weekly Edition for October 2, 2008

Ubuntu debuts its Upstream Report

Printable page
Weekly edition Kernel Security Distributions Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ

Fedora alert FEDORA-2007-4655 (bind)



From:
    	      updates@fedoraproject.org


To:
    	      fedora-package-announce@redhat.com


Subject:
    	      [SECURITY] Fedora 8 Update: bind-9.5.0-20.b1.fc8


Date:
    	      Thu, 20 Dec 2007 12:49:29 -0700


Message-ID:
    	      <200712201949.lBKJnVQ8025472@bastion.fedora.phx.redhat.com>


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2007-4655
2007-12-20 00:53:33
--------------------------------------------------------------------------------

Name        : bind
Product     : Fedora 8
Version     : 9.5.0
Release     : 20.b1.fc8
URL         : http://www.isc.org/products/BIND/
Summary     : The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server
Description :
BIND (Berkeley Internet Name Domain) is an implementation of the DNS
(Domain Name System) protocols. BIND includes a DNS server (named),
which resolves host names to IP addresses; a resolver library
(routines for applications to use when interfacing with DNS); and
tools for verifying that the DNS server is operating properly.

--------------------------------------------------------------------------------
Update Information:

- bind-chroot-admin called restorecon on /proc filesystem (#405281)
- 9.5.0b1 release (#405281, #392491)
- stop with initscript will fail if rndc was disabled (#417431)
- fixed IDN support in dig and host utilities (#412241)
- added dst/gssapi.h to -devel subpackage (#419091)
- CVE-2007-6283 - /etc/rndc.key file had insecure permissions
--------------------------------------------------------------------------------
ChangeLog:

* Wed Dec 19 2007 Adam Tkac <atkac redhat com> 32:9.5.0-20.b1
- CVE-2007-6283
* Wed Dec 12 2007 Adam Tkac <atkac redhat com> 32:9.5.0-19.2.b1
- added dst/gssapi.h to -devel subpackage (#419091)
- improved fix for (#417431)
* Mon Dec 10 2007 Adam Tkac <atkac redhat com> 32:9.5.0-19.1.b1
- fixed shutdown with initscript when rndc doesn't work (#417431)
- fixed IDN patch (#412241)
* Thu Dec  6 2007 Adam Tkac <atkac redhat com> 32:9.5.0-19.b1
- 9.5.0b1 (#405281, #392491)
* Mon Dec  3 2007 Adam Tkac <atkac redhat com> 32:9.5.0-18.3.a7
- removed bind-9.5-random_ports.patch because upstream doesn't
  like it. query-source{,-v6} is sufficient
- bind-chroot-admin called restorecon on /proc filesystem (#405281)
* Tue Nov 20 2007 Adam Tkac <atkac redhat com> 32:9.5.0-18.2.a7
- use system port selector instead ISC's (#391931)
* Mon Nov 19 2007 Adam Tkac <atkac redhat com> 32:9.5.0-18.a7
- removed statement from initscript which passes -D to named
* Thu Nov 15 2007 Adam Tkac <atkac redhat com> 32:9.5.0-17.a7
- 9.5.0a7
- dropped patches (upstream)
  - bind-9.5-update.patch
  - bind-9.5-pool_badfree.patch
  - bind-9.5-_res_errno.patch
* Thu Nov 15 2007 Adam Tkac <atkac redhat com> 32:9.5.0-16.3.a6
- added bind-sdb again, contains SDB modules and DLZ modules
- bind-9.3.1rc1-sdb.patch replaced by bind-9.5-sdb.patch
* Mon Nov 12 2007 Adam Tkac <atkac redhat com> 32:9.5.0-16.2.a6
- removed Requires: openldap, postgresql, mysql, db4, unixODBC (#374261)
- new L.ROOT-SERVERS.NET address
* Mon Oct 29 2007 Adam Tkac <atkac redhat com> 32:9.5.0-16.1.a6
- completely disable DBUS (#339191)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #392491 - view address match list isn't working properly
        https://bugzilla.redhat.com/show_bug.cgi?id=392491
  [ 2 ] Bug #405281 - SELinux is preventing /sbin/setfiles (named_conf_t) "associate" to <Unknown>
(proc_t).
        https://bugzilla.redhat.com/show_bug.cgi?id=405281
  [ 3 ] Bug #412241 - host command does not show NXDOMAIN for non-existent reversals
        https://bugzilla.redhat.com/show_bug.cgi?id=412241
  [ 4 ] Bug #417431 - Name Daemon does not gracefully shutdown
        https://bugzilla.redhat.com/show_bug.cgi?id=417431
  [ 5 ] Bug #419091 - Missing <dst/gssapi.h> in bind-devel package
        https://bugzilla.redhat.com/show_bug.cgi?id=419091
  [ 6 ] Bug #423071 - CVE-2007-6283 bind: /etc/rndc.key has 644 permissions by default [f8]
        https://bugzilla.redhat.com/show_bug.cgi?id=423071
  [ 7 ] Bug #419421 - CVE-2007-6283 bind: /etc/rndc.key has 644 permissions by default
        https://bugzilla.redhat.com/show_bug.cgi?id=419421
--------------------------------------------------------------------------------
Updated packages:

2d9ebc78e3dd5806d17a153862f8ea182a243e79 bind-debuginfo-9.5.0-20.b1.fc8.ppc64.rpm
75a7aeb76f75238f500b0e07b0524181115e4b5b bind-chroot-9.5.0-20.b1.fc8.ppc64.rpm
0843934b6597229f0124fcb75f111e68e539d40e bind-devel-9.5.0-20.b1.fc8.ppc64.rpm
00083154ccfa68f44caa0a3a8f8ff015e66a9025 bind-utils-9.5.0-20.b1.fc8.ppc64.rpm
5c622c574e892c4744a8e73de734224f01f75ece bind-libs-9.5.0-20.b1.fc8.ppc64.rpm
9665a66da8ccb70e0bb075605336d4e8d0d0c0c3 bind-sdb-9.5.0-20.b1.fc8.ppc64.rpm
600c39486028ad993714d62da3aaacb79bbebc8a bind-9.5.0-20.b1.fc8.ppc64.rpm
05f52518b1fad4d49ed3baeddada8357d6bdeee3 bind-debuginfo-9.5.0-20.b1.fc8.i386.rpm
43b323a8a79cdec70ed79a08dc639af4a3a224cf bind-chroot-9.5.0-20.b1.fc8.i386.rpm
3dbf3166a83b279f7ff95615172c7bec5776862a bind-devel-9.5.0-20.b1.fc8.i386.rpm
66f63740ab4994dcb8fbc9b0af0985d53ac0c145 bind-utils-9.5.0-20.b1.fc8.i386.rpm
d7ce10862191d8876fb7d4539d38e8ad0c11ef70 bind-libs-9.5.0-20.b1.fc8.i386.rpm
aa1811d7e7c7e089191581a788efa3a02ce9b851 bind-sdb-9.5.0-20.b1.fc8.i386.rpm
518c089791361543084ce7e20247fed39e712cc5 bind-9.5.0-20.b1.fc8.i386.rpm
1adaf7b8c5584fa3c3ca87eb7a445f911013a7d5 bind-debuginfo-9.5.0-20.b1.fc8.x86_64.rpm
f2dee30c9cbf4150343c1cadeb856ca2cad28340 bind-chroot-9.5.0-20.b1.fc8.x86_64.rpm
9db3665e619e6ca6532f1b2b8f57c33ee7ddac0c bind-devel-9.5.0-20.b1.fc8.x86_64.rpm
69818249c4c45c6f3c3e1c2e12a0dfb86a293c19 bind-utils-9.5.0-20.b1.fc8.x86_64.rpm
cf21499073cd4e57b161af63750a4c0e2025ba51 bind-libs-9.5.0-20.b1.fc8.x86_64.rpm
12416bc4270267079c8d45437c939e1a2d2f7929 bind-sdb-9.5.0-20.b1.fc8.x86_64.rpm
59810671ccdfdc97a6f4c43364799338f6f1bda4 bind-9.5.0-20.b1.fc8.x86_64.rpm
68bd9e756f0fd5c555b2e98e01a86271c60fdafe bind-debuginfo-9.5.0-20.b1.fc8.ppc.rpm
f500b40dadeaff4a88d7b722213b87c142399fcb bind-chroot-9.5.0-20.b1.fc8.ppc.rpm
606b24956f92270b1be997b295c9990b6b1d6d82 bind-devel-9.5.0-20.b1.fc8.ppc.rpm
38bfae55679eb550439f220308b8f2c5c5ab03eb bind-utils-9.5.0-20.b1.fc8.ppc.rpm
aa91573cd6a1a35fcb8c4f7e474a9930fe8a5f4a bind-libs-9.5.0-20.b1.fc8.ppc.rpm
533c56c1d1c9e9b193c3c763f9b4132d14128d3a bind-sdb-9.5.0-20.b1.fc8.ppc.rpm
84d7e80d63339dc3a7f89c1df0d0634ec5955fb8 bind-9.5.0-20.b1.fc8.ppc.rpm
71ba31a6534854ed0dd843b1e24f853b11f011c9 bind-9.5.0-20.b1.fc8.src.rpm

This update can be installed with the "yum" update program.  Use 
su -c 'yum update bind' 
at the command line.  For more information, refer to "Managing Software
with yum", available at http://docs.fedoraproject.org/yum/.
--------------------------------------------------------------------------------

_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-ann...
(Log in to post comments)

Copyright © 2008, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds