Subject: | |
From: | |
Reply To: | |
Date: | Thu, 30 Jul 2009 15:55:25 -0500 |
Content-Type: | TEXT/PLAIN |
Parts/Attachments: |
|
|
Larry,
It takes a really long time to move a errata to our ftp server. The time
is in the createrepo and repoview creation. It should be there soon. I
think that 47 , 46, 45 are done now for x86_64 and all of the i386 ones
are not done.
You also may need to do a clean all to clean out the yum cache.
-Connie Sieh
On Thu, 30 Jul 2009, P. Larry Nelson wrote:
> Connie,
>
> On every SL4.7 system I tried, doing a 'yum update', I'm getting
> "No Packages marked for Update/Obsoletion".
>
> Checking which bind-libs and bind-utils I have, I'm getting
> version: 9.2.4-30.el4_7.1.
>
> Now, the weird part - I first tried (after the message below arrived)
> on my test virtual system SL4.7 (guest OS on VMWare) with 'yum update'
> and (besides the new kernel) I got version: 9.2.4-30.el4_8.4 of the
> bind rpm's.
>
> - Larry
>
> Connie Sieh wrote on 7/30/2009 12:31 PM:
>> Synopsis: Important: bind security and bug fix update
>> CVE: CVE-2009-0696
>>
>> CVE-2009-0696 bind: DoS (assertion failure) via nsupdate packets
>>
>>
>> A flaw was found in the way BIND handles dynamic update message packets
>> containing the "ANY" record type. A remote attacker could use this flaw to
>> send a specially-crafted dynamic update packet that could cause named to
>> exit with an assertion failure. (CVE-2009-0696)
>>
>> Note: even if named is not configured for dynamic updates, receiving such
>> a specially-crafted dynamic update packet could still cause named to exit
>> unexpectedly.
>>
>> This update also fixes the following bug:
>>
>> * when running on a system receiving a large number of (greater than
>> 4,000)
>> DNS requests per second, the named DNS nameserver became unresponsive, and
>> the named service had to be restarted in order for it to continue serving
>> requests. This was caused by a deadlock occurring between two threads that
>> led to the inability of named to continue to service requests. This
>> deadlock has been resolved with these updated packages so that named no
>> longer becomes unresponsive under heavy load. (BZ#512668)
>>
>> After installing the update, the BIND daemon (named) will be restarted
>> automatically.
>>
>> SRPM:
>> bind-9.2.4-30.el4_8.4.src.rpm
>>
>> i386:
>> bind-9.2.4-30.el4_8.4.i386.rpm
>> bind-chroot-9.2.4-30.el4_8.4.i386.rpm
>> bind-devel-9.2.4-30.el4_8.4.i386.rpm
>> bind-libs-9.2.4-30.el4_8.4.i386.rpm
>> bind-utils-9.2.4-30.el4_8.4.i386.rpm
>>
>> x86_64:
>> bind-9.2.4-30.el4_8.4.x86_64.rpm
>> bind-chroot-9.2.4-30.el4_8.4.x86_64.rpm
>> bind-devel-9.2.4-30.el4_8.4.x86_64.rpm
>> bind-libs-9.2.4-30.el4_8.4.i386.rpm
>> bind-libs-9.2.4-30.el4_8.4.x86_64.rpm
>> bind-utils-9.2.4-30.el4_8.4.x86_64.rpm
>>
>> -Connie Sieh
>> -Troy Dawson
>
>
> --
> P. Larry Nelson (217-244-9855) | Systems/Network Administrator
> 461 Loomis Lab | High Energy Physics Group
> 1110 W. Green St., Urbana, IL | Physics Dept., Univ. of Ill.
> MailTo:[log in to unmask] | http://www.roadkill.com/lnelson/
> -------------------------------------------------------------------
> "Information without accountability is just noise." - P.L. Nelson
>
|
|
|