The latest version is bind-9.2.4-30.el4_8.4 for 4.x .
-connie sieh
On Thu, 30 Jul 2009, Connie Sieh wrote:
Larry,
It takes a really long time to move a errata to our ftp server. The time is
in the createrepo and repoview creation. It should be there soon. I think
that 47 , 46, 45 are done now for x86_64 and all of the i386 ones are not
done.
You also may need to do a clean all to clean out the yum cache.
-Connie Sieh
On Thu, 30 Jul 2009, P. Larry Nelson wrote:
Connie,
On every SL4.7 system I tried, doing a 'yum update', I'm getting
"No Packages marked for Update/Obsoletion".
Checking which bind-libs and bind-utils I have, I'm getting
version: 9.2.4-30.el4_7.1.
Now, the weird part - I first tried (after the message below arrived)
on my test virtual system SL4.7 (guest OS on VMWare) with 'yum update'
and (besides the new kernel) I got version: 9.2.4-30.el4_8.4 of the
bind rpm's.
- Larry
Connie Sieh wrote on 7/30/2009 12:31 PM:
> Synopsis: Important: bind security and bug fix update
> CVE: CVE-2009-0696
>
> CVE-2009-0696 bind: DoS (assertion failure) via nsupdate packets
>
>
> A flaw was found in the way BIND handles dynamic update message packets
> containing the "ANY" record type. A remote attacker could use this flaw
> to
> send a specially-crafted dynamic update packet that could cause named
> to
> exit with an assertion failure. (CVE-2009-0696)
>
> Note: even if named is not configured for dynamic updates, receiving
> such
> a specially-crafted dynamic update packet could still cause named to
> exit
> unexpectedly.
>
> This update also fixes the following bug:
>
> * when running on a system receiving a large number of (greater than
> 4,000)
> DNS requests per second, the named DNS nameserver became unresponsive,
> and
> the named service had to be restarted in order for it to continue
> serving
> requests. This was caused by a deadlock occurring between two threads
> that
> led to the inability of named to continue to service requests. This
> deadlock has been resolved with these updated packages so that named no
> longer becomes unresponsive under heavy load. (BZ#512668)
>
> After installing the update, the BIND daemon (named) will be restarted
> automatically.
>
> SRPM:
> bind-9.2.4-30.el4_8.4.src.rpm
>
> i386:
> bind-9.2.4-30.el4_8.4.i386.rpm
> bind-chroot-9.2.4-30.el4_8.4.i386.rpm
> bind-devel-9.2.4-30.el4_8.4.i386.rpm
> bind-libs-9.2.4-30.el4_8.4.i386.rpm
> bind-utils-9.2.4-30.el4_8.4.i386.rpm
>
> x86_64:
> bind-9.2.4-30.el4_8.4.x86_64.rpm
> bind-chroot-9.2.4-30.el4_8.4.x86_64.rpm
> bind-devel-9.2.4-30.el4_8.4.x86_64.rpm
> bind-libs-9.2.4-30.el4_8.4.i386.rpm
> bind-libs-9.2.4-30.el4_8.4.x86_64.rpm
> bind-utils-9.2.4-30.el4_8.4.x86_64.rpm
>
> -Connie Sieh
> -Troy Dawson
--
P. Larry Nelson (217-244-9855) | Systems/Network Administrator
461 Loomis Lab | High Energy Physics Group
1110 W. Green St., Urbana, IL | Physics Dept., Univ. of Ill.
MailTo:[email protected] | http://www.roadkill.com/lnelson/
-------------------------------------------------------------------
"Information without accountability is just noise." - P.L. Nelson
