[El-errata] ELSA-2010-0062 Moderate: Enterprise Linux 5 bind security update

Errata Announcements for Enterprise Linux el-errata at oss.oracle.com
Wed Jan 20 20:11:45 PST 2010


Enterprise Linux Security Advisory ELSA-2010-0062

https://rhn.redhat.com/errata/RHSA-2010-0062.html

The following updated rpms for Enterprise Linux 5 have been uploaded to 
the Unbreakable Linux Network:

i386:
bind-9.3.6-4.P1.el5_4.2.i386.rpm
bind-chroot-9.3.6-4.P1.el5_4.2.i386.rpm
bind-devel-9.3.6-4.P1.el5_4.2.i386.rpm
bind-libbind-devel-9.3.6-4.P1.el5_4.2.i386.rpm
bind-libs-9.3.6-4.P1.el5_4.2.i386.rpm
bind-sdb-9.3.6-4.P1.el5_4.2.i386.rpm
bind-utils-9.3.6-4.P1.el5_4.2.i386.rpm
caching-nameserver-9.3.6-4.P1.el5_4.2.i386.rpm

x86_64:
bind-9.3.6-4.P1.el5_4.2.x86_64.rpm
bind-chroot-9.3.6-4.P1.el5_4.2.x86_64.rpm
bind-devel-9.3.6-4.P1.el5_4.2.i386.rpm
bind-devel-9.3.6-4.P1.el5_4.2.x86_64.rpm
bind-libbind-devel-9.3.6-4.P1.el5_4.2.i386.rpm
bind-libbind-devel-9.3.6-4.P1.el5_4.2.x86_64.rpm
bind-libs-9.3.6-4.P1.el5_4.2.i386.rpm
bind-libs-9.3.6-4.P1.el5_4.2.x86_64.rpm
bind-sdb-9.3.6-4.P1.el5_4.2.x86_64.rpm
bind-utils-9.3.6-4.P1.el5_4.2.x86_64.rpm
caching-nameserver-9.3.6-4.P1.el5_4.2.x86_64.rpm

ia64:
bind-9.3.6-4.P1.el5_4.2.ia64.rpm
bind-chroot-9.3.6-4.P1.el5_4.2.ia64.rpm
bind-devel-9.3.6-4.P1.el5_4.2.ia64.rpm
bind-libbind-devel-9.3.6-4.P1.el5_4.2.ia64.rpm
bind-libs-9.3.6-4.P1.el5_4.2.i386.rpm
bind-libs-9.3.6-4.P1.el5_4.2.ia64.rpm
bind-sdb-9.3.6-4.P1.el5_4.2.ia64.rpm
bind-utils-9.3.6-4.P1.el5_4.2.ia64.rpm
caching-nameserver-9.3.6-4.P1.el5_4.2.ia64.rpm


SRPMS:
http://oss.oracle.com/el5/SRPMS-updates/bind-9.3.6-4.P1.el5_4.2.src.rpm


Description of changes:

[30:9.3.6-4.P1.2]
- NSEC validation code could cause wrong NXDOMAIN responses (#554851,
  CVE-2010-0097)
- improve fix for CVE-2009-4022 (#538744)
  - {C,D}NAMEs could be returned to clients without proper DNSSEC validation
  - don't validate + cache out-of-bailiwick data returned with a secure 
answer.
    Refetch it instead





More information about the El-errata mailing list