From Fedora Project Wiki
[SECURITY] Fedora Core 6 Update: bind-9.3.4-7.P1.fc6
--------------------------------------------------------------------- Fedora Update Notification FEDORA-2007-647 2007-07-26 --------------------------------------------------------------------- Product : Fedora Core 6 Name : bind Version : 9.3.4 Release : 7.P1.fc6 Summary : The Berkeley Internet Name Domain (BIND) DNS (Domain Name System) server. Description : BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating properly. --------------------------------------------------------------------- Update Information: - CVE-2007-2926 - cryptographically weak query id generator - 1 in 8 chance of guessing the next query id for 50% of the query ids - allows cache-poisoning type of attack, no workaround, affect only outgoing queries --------------------------------------------------------------------- * Tue Jul 24 2007 Adam Tkac <atkac redhat com> 31:9.3.4-7.P1.fc6 - updated to 9.3.4-P1 which fixes CVE-2007-2926 --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/ 8799e54d86ca838e2973aeafa47ca6d76641a87f SRPMS/bind-9.3.4-7.P1.fc6.src.rpm 8799e54d86ca838e2973aeafa47ca6d76641a87f noarch/bind-9.3.4-7.P1.fc6.src.rpm 037fa8015cfbf24b263f7af61a6bc70cddc4d41e ppc/bind-sdb-9.3.4-7.P1.fc6.ppc.rpm 322c011099123e45fa7cd55ed64c0e3d7c8fd71d ppc/bind-devel-9.3.4-7.P1.fc6.ppc.rpm 98660445c6f27ca73ebef5467b7e9363f4b4a238 ppc/bind-libbind-devel-9.3.4-7.P1.fc6.ppc.rpm f99da939a5539555c2d215a9faa89597f20c3722 ppc/bind-9.3.4-7.P1.fc6.ppc.rpm 15acb2e13b6f2f53f4a641e9dd0c700f559caf1e ppc/debug/bind-debuginfo-9.3.4-7.P1.fc6.ppc.rpm 192238293a49fa261b1f6a75cee8194f5993c6cd ppc/caching-nameserver-9.3.4-7.P1.fc6.ppc.rpm 971a80b918a51c7aece251d0a70dea01c3d54a1c ppc/bind-libs-9.3.4-7.P1.fc6.ppc.rpm debe2be557f58742a700e8123492cf0a7f741bbb ppc/bind-chroot-9.3.4-7.P1.fc6.ppc.rpm 73638bdf1045edb82e8da25ff281212bc99fef60 ppc/bind-utils-9.3.4-7.P1.fc6.ppc.rpm 4e17b642fd3e50f1112f3cadce51f38892d8833e x86_64/bind-utils-9.3.4-7.P1.fc6.x86_64.rpm 14e4487e37edcc7a526e434353e1b4d8f20835fb x86_64/bind-libbind-devel-9.3.4-7.P1.fc6.x86_64.rpm 64064c33790bd6f288e0e9d791735c88cda90b3b x86_64/bind-libs-9.3.4-7.P1.fc6.x86_64.rpm 6c07bed1ed4342d28ad4c032a677f7e6ef1761c7 x86_64/caching-nameserver-9.3.4-7.P1.fc6.x86_64.rpm c0c024076b5a0a9ac919fe5688ecb9b96c83aafb x86_64/bind-devel-9.3.4-7.P1.fc6.x86_64.rpm 419f768b882fc92ac3891a6c4757439d9811b75d x86_64/bind-chroot-9.3.4-7.P1.fc6.x86_64.rpm 33664d391d539b450383f7619c04f7fde27f0bf2 x86_64/debug/bind-debuginfo-9.3.4-7.P1.fc6.x86_64.rpm 715bac1ea6a8d418601d95bb54c20974222b2e16 x86_64/bind-sdb-9.3.4-7.P1.fc6.x86_64.rpm b88c93ea147495878cb65fc0d708c218bd237353 x86_64/bind-9.3.4-7.P1.fc6.x86_64.rpm 960c2580f1b602e282f7cba7ae852fa64fb1e371 i386/bind-9.3.4-7.P1.fc6.i386.rpm 0a4047d8ae9dc83c8009f08adc45a20425f48f90 i386/bind-devel-9.3.4-7.P1.fc6.i386.rpm 0d78d3afaf856f76c6d889e75e91a342192fcceb i386/bind-libs-9.3.4-7.P1.fc6.i386.rpm c6aa9c9cd339304297d72bfca8c1abe59c476afe i386/bind-chroot-9.3.4-7.P1.fc6.i386.rpm bafcc716f31aceb36b580c0a624c99763e063df8 i386/debug/bind-debuginfo-9.3.4-7.P1.fc6.i386.rpm 1de28a524dbbfabfa08ea52ee02f418c54059db0 i386/bind-libbind-devel-9.3.4-7.P1.fc6.i386.rpm 3bb9de51eadd5374755688954bbdd9b9ec96eb68 i386/caching-nameserver-9.3.4-7.P1.fc6.i386.rpm 68ae1b0e23086efd44e4f0f796b1a12368d2f9c9 i386/bind-utils-9.3.4-7.P1.fc6.i386.rpm a5b1c647a7df8e4fc9b531ad5176102f2567092d i386/bind-sdb-9.3.4-7.P1.fc6.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/. ---------------------------------------------------------------------