[El-errata] ELSA-2010-0062 Moderate: Enterprise Linux 5 bind security update
Errata Announcements for Enterprise Linux
el-errata at oss.oracle.com
Wed Jan 20 20:11:45 PST 2010
Enterprise Linux Security Advisory ELSA-2010-0062
https://rhn.redhat.com/errata/RHSA-2010-0062.html
The following updated rpms for Enterprise Linux 5 have been uploaded to
the Unbreakable Linux Network:
i386:
bind-9.3.6-4.P1.el5_4.2.i386.rpm
bind-chroot-9.3.6-4.P1.el5_4.2.i386.rpm
bind-devel-9.3.6-4.P1.el5_4.2.i386.rpm
bind-libbind-devel-9.3.6-4.P1.el5_4.2.i386.rpm
bind-libs-9.3.6-4.P1.el5_4.2.i386.rpm
bind-sdb-9.3.6-4.P1.el5_4.2.i386.rpm
bind-utils-9.3.6-4.P1.el5_4.2.i386.rpm
caching-nameserver-9.3.6-4.P1.el5_4.2.i386.rpm
x86_64:
bind-9.3.6-4.P1.el5_4.2.x86_64.rpm
bind-chroot-9.3.6-4.P1.el5_4.2.x86_64.rpm
bind-devel-9.3.6-4.P1.el5_4.2.i386.rpm
bind-devel-9.3.6-4.P1.el5_4.2.x86_64.rpm
bind-libbind-devel-9.3.6-4.P1.el5_4.2.i386.rpm
bind-libbind-devel-9.3.6-4.P1.el5_4.2.x86_64.rpm
bind-libs-9.3.6-4.P1.el5_4.2.i386.rpm
bind-libs-9.3.6-4.P1.el5_4.2.x86_64.rpm
bind-sdb-9.3.6-4.P1.el5_4.2.x86_64.rpm
bind-utils-9.3.6-4.P1.el5_4.2.x86_64.rpm
caching-nameserver-9.3.6-4.P1.el5_4.2.x86_64.rpm
ia64:
bind-9.3.6-4.P1.el5_4.2.ia64.rpm
bind-chroot-9.3.6-4.P1.el5_4.2.ia64.rpm
bind-devel-9.3.6-4.P1.el5_4.2.ia64.rpm
bind-libbind-devel-9.3.6-4.P1.el5_4.2.ia64.rpm
bind-libs-9.3.6-4.P1.el5_4.2.i386.rpm
bind-libs-9.3.6-4.P1.el5_4.2.ia64.rpm
bind-sdb-9.3.6-4.P1.el5_4.2.ia64.rpm
bind-utils-9.3.6-4.P1.el5_4.2.ia64.rpm
caching-nameserver-9.3.6-4.P1.el5_4.2.ia64.rpm
SRPMS:
http://oss.oracle.com/el5/SRPMS-updates/bind-9.3.6-4.P1.el5_4.2.src.rpm
Description of changes:
[30:9.3.6-4.P1.2]
- NSEC validation code could cause wrong NXDOMAIN responses (#554851,
CVE-2010-0097)
- improve fix for CVE-2009-4022 (#538744)
- {C,D}NAMEs could be returned to clients without proper DNSSEC validation
- don't validate + cache out-of-bailiwick data returned with a secure
answer.
Refetch it instead
More information about the El-errata
mailing list