Sponsored link
Vyatta –
Linux & Open Source
Alternative to Cisco –
Advanced Routing,
Firewall, VPN, QoS..
Free Download ->
| ||||||||||||||||
Fedora alert FEDORA-2008-0904 (bind)
-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2008-0904 2008-01-22 05:40:35 -------------------------------------------------------------------------------- Name : bind Product : Fedora 7 Version : 9.4.2 Release : 3.fc7 URL : http://www.isc.org/products/BIND/ Summary : The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server. Description : BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating properly. -------------------------------------------------------------------------------- Update Information: - CVE-2008-0122, libbind.so off-by-one buffer overflow, very low severity -------------------------------------------------------------------------------- ChangeLog: * Mon Jan 21 2008 Adam Tkac <atkac redhat com> 31:9.4.2-3 - CVE-2008-0122 * Wed Dec 19 2007 Adam Tkac <atkac redhat com> 31:9.4.2-2 - CVE-2007-6283 * Wed Dec 5 2007 Adam Tkac <atkac redhat com> 31:9.4.2-1.1 - update named.ca file (new L.ROOT-SERVERS.NET, #411141) * Thu Nov 29 2007 Adam Tkac <atkac redhat com> 31:9.4.2-1 - final 9.4.2 * Thu Nov 15 2007 Adam Tkac <atkac redhat com> 31:9.4.2-0.5.rc1 - updated to 9.4.2-rc2 * Mon Nov 12 2007 Adam Tkac <atkac redhat com> 31:9.4.2-0.4.1.rc1 - new L.ROOT-SERVERS.NET address * Tue Oct 9 2007 Adam Tkac <atkac redhat com> 31:9.4.2-0.4.rc1 - updated to 9.4.2rc1 - patches merged to upstream - bind-9.4-update.patch - bind-9.4-_res_errno.patch * Mon Sep 17 2007 Adam Tkac <atkac redhat com> 31:9.4.2-0.3.1.b1 - moved caching-nameserver chroot files to bind-chroot (#287321) * Thu Sep 6 2007 Adam Tkac <atkac redhat com> 31:9.4.2-0.3.b1 - patches bind-9.4-2119_revert.patch and libbind-9.3.1rc1-fix_h_errno.patch are obsoleted by bind-9.4-_res_errno.patch * Fri Aug 31 2007 Adam Tkac <atkac redhat com> 31:9.4.2-0.2.b1 - temporary revert ISC 2119 change which conflicts with our "libbind-errno" patch (#254501) * Tue Aug 21 2007 Adam Tkac <atkac redhat com> 31:9.4.2-0.1.b1 - updated to 9.4.2b1 - dropped patches - bind-bsdcompat (upstream) - bind-9.4-tsig-init (upstream) - bind-9.3.3rc2-dbus (obsoleted by bind-9.4-dbus.patch) - bind-9.4.0-dbus-race-condition.patch (upstream) - bind-9.3.4-sdb-sqlite-src.patch (upstream) * Tue Aug 14 2007 Adam Tkac <atkac redhat com> 31:9.4.1-9.P1 - named could crash when deleting SRV record with UPDATE (#251336) * Thu Jul 26 2007 Adam Tkac <atkac redhat com> 31:9.4.1-8.P1 - backported patch to #249701 from BIND's HEAD * Tue Jul 24 2007 Adam Tkac <atkac redhat com> 31:9.4.1-7.P1 - updated to latest upstream (contains fixes for CVE-2007-2925 and CVE-2007-2926) * Thu Jun 21 2007 Adam Tkac <atkac redhat com> 31:9.4.1-6.1 - minor changes in caching-nameserver configuration * Mon Jun 18 2007 Adam Tkac <atkac redhat com> 31:9.4.1-6 - major changes in default caching-nameserver configuration (configuration could now honor RFCs, #243565) * Tue Jun 5 2007 Adam Tkac <atkac redhat com> 31:9.4.1-5 - added /var/named/dynamic directory. This directory is primary designed for dynamic DNS zones. In future releases named could write only into dynamic, data and slaves directories * Thu May 24 2007 Adam Tkac <atkac redhat com> 31:9.4.1-4 - start using deprecated ldap API - fix minor bug in bind-chroot-admin (#241103) * Tue May 15 2007 Adam Tkac <atkac redhat com> 31:9.4.1-3 - fixed bind-chroot-admin dynamic DNS handling (#239149) - rewrited ldap backend to latest API (#239802) - updated zone-freeze patch to latest upstream * Mon May 7 2007 Adam Tkac <atkac redhat com> 31:9.4.1-2 - test build on new build system * Wed May 2 2007 Adam Tkac <atkac redhat com> 31:9.4.1-1 - updated to 9.4.1 which contains fix to CVE-2007-2241 * Fri Apr 27 2007 Adam Tkac <atkac redhat com> 31:9.4.0-8 - improved "zone freeze patch" - if multiple zone with same name exists no zone is freezed - minor cleanup in caching-nameserver's config file - fixed race-condition in dbus code (#235809) - added forgotten restorecon statement in bind-chroot-admin * Tue Apr 17 2007 Adam Tkac <atkac redhat com> 31:9.4.0-7.fc7 - removed DEBUGINFO option because with this option (default) was bind builded with -O0 and without this flag no debuginfo package was produced. (I want faster bind => -O2 + debuginfo) - fixed zone finding (#236426) -------------------------------------------------------------------------------- References: [ 1 ] Bug #429149 - CVE-2008-0122 libbind off-by-one buffer overflow https://bugzilla.redhat.com/show_bug.cgi?id=429149 -------------------------------------------------------------------------------- Updated packages: c6ac4344bc5ac18cd5369302a37612415e24034f bind-debuginfo-9.4.2-3.fc7.ppc64.rpm a3db4c0e53ab63724890ad72027d5c48a316ee73 bind-sdb-9.4.2-3.fc7.ppc64.rpm 44cda86fb3454f53f423d8984914e891ab7113b2 bind-chroot-9.4.2-3.fc7.ppc64.rpm 1aa3bf9843973e1f17aaafa492bbb2c3d9dd9fb3 caching-nameserver-9.4.2-3.fc7.ppc64.rpm 88f31c3041a7ffee1c420efb2c694a0ec465faa9 bind-devel-9.4.2-3.fc7.ppc64.rpm 7c68a035d338daa298b49adc4475c7cee535fedb bind-utils-9.4.2-3.fc7.ppc64.rpm 977a5d5f9e7a48d5f259bf8f81546194d737ff2e bind-libs-9.4.2-3.fc7.ppc64.rpm 0b232359ef45c75e8356b9c146fa168099a2417f bind-9.4.2-3.fc7.ppc64.rpm 98ea2ee934c5ecac97300990b645f74112e76676 bind-debuginfo-9.4.2-3.fc7.i386.rpm c021e50994942e16457c617c0edcea68128032e5 bind-sdb-9.4.2-3.fc7.i386.rpm 97c49428882c2c338b674c385a60d1072165ffbf bind-chroot-9.4.2-3.fc7.i386.rpm 4900016306404d08e6f1bdf80cc29ce9f91aaa1b caching-nameserver-9.4.2-3.fc7.i386.rpm 085bbde75950660b1861b52d77791e61064a8774 bind-devel-9.4.2-3.fc7.i386.rpm 1c01e674b85b9ed4f2c2b55b7a94bc9527d6a3b3 bind-utils-9.4.2-3.fc7.i386.rpm 633af843a6d7516c8018b16d7d89b1a3d249e753 bind-libs-9.4.2-3.fc7.i386.rpm 7611f8e9be4aea429e9725dd2b4d3c5a19d114d3 bind-9.4.2-3.fc7.i386.rpm 3bcf8639078fed009ba080af2cdee835d150365f caching-nameserver-9.4.2-3.fc7.x86_64.rpm 14dfd38e81c9f9d79af217576cf8dd22e2f437c1 bind-chroot-9.4.2-3.fc7.x86_64.rpm 2f5ce4a67d124725f62de401a4e0b01c22762a5d bind-utils-9.4.2-3.fc7.x86_64.rpm aa3cf2b12da96f8da43312e33d3a58dd1c4ff40b bind-9.4.2-3.fc7.x86_64.rpm aa32f28e752e8e6d46fde637298bcf996c1609b0 bind-libs-9.4.2-3.fc7.x86_64.rpm 8d0a328f836f90b5bd91d61013e33dfc45772aff bind-sdb-9.4.2-3.fc7.x86_64.rpm bfa904facd6ac7f131661e420a86a5dff4337164 bind-devel-9.4.2-3.fc7.x86_64.rpm a9e90540db1488df719c648d9885d16464b5e47a bind-debuginfo-9.4.2-3.fc7.x86_64.rpm 3bd0d4d1fd3431652f3d34eb68d7dd82745c3015 bind-debuginfo-9.4.2-3.fc7.ppc.rpm 8ed5a0f186342be7ed9608cbfa411ddd999a3a49 bind-sdb-9.4.2-3.fc7.ppc.rpm 964555c1f52a8d4a7f6a091a25e383f5f7eb5004 bind-chroot-9.4.2-3.fc7.ppc.rpm f42e929110b650052e4d38b4b657c1a5ee6f5920 caching-nameserver-9.4.2-3.fc7.ppc.rpm cb4ea5dfa9ee8cc3a05ab5a4902db109bcbeeefe bind-devel-9.4.2-3.fc7.ppc.rpm 5ca825eff123b1d0e8ebc84c10bfec017d91d0b8 bind-utils-9.4.2-3.fc7.ppc.rpm eb9f3f7d45f661bd412b821bda01b0b320b861ab bind-libs-9.4.2-3.fc7.ppc.rpm 422365265dcef3597dd2c6fd7b01f1f522a70cb7 bind-9.4.2-3.fc7.ppc.rpm 6c8fb790f26c30ff4d977a30301346f494a12801 bind-9.4.2-3.fc7.src.rpm This update can be installed with the "yum" update program. Use su -c 'yum update bind' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. -------------------------------------------------------------------------------- _______________________________________________ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-ann... (Log in to post comments)
|
||||||||||||||||