Connie,
Thanks! The 'yum clean all' did the trick. I can now get the
latest bind version.
- Larry
Connie Sieh wrote on 7/30/2009 3:55 PM:
> Larry,
>
> It takes a really long time to move a errata to our ftp server. The
> time is in the createrepo and repoview creation. It should be there
> soon. I think that 47 , 46, 45 are done now for x86_64 and all of the
> i386 ones are not done.
>
> You also may need to do a clean all to clean out the yum cache.
>
> -Connie Sieh
>
> On Thu, 30 Jul 2009, P. Larry Nelson wrote:
>
>> Connie,
>>
>> On every SL4.7 system I tried, doing a 'yum update', I'm getting
>> "No Packages marked for Update/Obsoletion".
>>
>> Checking which bind-libs and bind-utils I have, I'm getting
>> version: 9.2.4-30.el4_7.1.
>>
>> Now, the weird part - I first tried (after the message below arrived)
>> on my test virtual system SL4.7 (guest OS on VMWare) with 'yum update'
>> and (besides the new kernel) I got version: 9.2.4-30.el4_8.4 of the
>> bind rpm's.
>>
>> - Larry
>>
>> Connie Sieh wrote on 7/30/2009 12:31 PM:
>>> Synopsis: Important: bind security and bug fix update
>>> CVE: CVE-2009-0696
>>>
>>> CVE-2009-0696 bind: DoS (assertion failure) via nsupdate packets
>>>
>>>
>>> A flaw was found in the way BIND handles dynamic update message packets
>>> containing the "ANY" record type. A remote attacker could use this
>>> flaw to
>>> send a specially-crafted dynamic update packet that could cause
>>> named to
>>> exit with an assertion failure. (CVE-2009-0696)
>>>
>>> Note: even if named is not configured for dynamic updates, receiving
>>> such
>>> a specially-crafted dynamic update packet could still cause named to
>>> exit
>>> unexpectedly.
>>>
>>> This update also fixes the following bug:
>>>
>>> * when running on a system receiving a large number of (greater than
>>> 4,000)
>>> DNS requests per second, the named DNS nameserver became
>>> unresponsive, and
>>> the named service had to be restarted in order for it to continue
>>> serving
>>> requests. This was caused by a deadlock occurring between two
>>> threads that
>>> led to the inability of named to continue to service requests. This
>>> deadlock has been resolved with these updated packages so that named no
>>> longer becomes unresponsive under heavy load. (BZ#512668)
>>>
>>> After installing the update, the BIND daemon (named) will be restarted
>>> automatically.
>>>
>>> SRPM:
>>> bind-9.2.4-30.el4_8.4.src.rpm
>>>
>>> i386:
>>> bind-9.2.4-30.el4_8.4.i386.rpm
>>> bind-chroot-9.2.4-30.el4_8.4.i386.rpm
>>> bind-devel-9.2.4-30.el4_8.4.i386.rpm
>>> bind-libs-9.2.4-30.el4_8.4.i386.rpm
>>> bind-utils-9.2.4-30.el4_8.4.i386.rpm
>>>
>>> x86_64:
>>> bind-9.2.4-30.el4_8.4.x86_64.rpm
>>> bind-chroot-9.2.4-30.el4_8.4.x86_64.rpm
>>> bind-devel-9.2.4-30.el4_8.4.x86_64.rpm
>>> bind-libs-9.2.4-30.el4_8.4.i386.rpm
>>> bind-libs-9.2.4-30.el4_8.4.x86_64.rpm
>>> bind-utils-9.2.4-30.el4_8.4.x86_64.rpm
>>>
>>> -Connie Sieh
>>> -Troy Dawson
>>
>>
>> --
>> P. Larry Nelson (217-244-9855) | Systems/Network Administrator
>> 461 Loomis Lab | High Energy Physics Group
>> 1110 W. Green St., Urbana, IL | Physics Dept., Univ. of Ill.
>> MailTo:[log in to unmask] | http://www.roadkill.com/lnelson/
>> -------------------------------------------------------------------
>> "Information without accountability is just noise." - P.L. Nelson
>>
--
P. Larry Nelson (217-244-9855) | Systems/Network Administrator
461 Loomis Lab | High Energy Physics Group
1110 W. Green St., Urbana, IL | Physics Dept., Univ. of Ill.
MailTo:[log in to unmask] | http://www.roadkill.com/lnelson/
-------------------------------------------------------------------
"Information without accountability is just noise." - P.L. Nelson
|
