Synopsis: Moderate: perl-Net-DNS security update
CVE Names: CVE-2007-3377 CVE-2007-3409
Description:
A flaw was found in the way Net::DNS generated the ID field in a DNS
query.
This predictable ID field could be used by a remote attacker to return
invalid DNS data. (CVE-2007-3377)
A denial of service flaw was found in the way Net::DNS parsed certain DNS
requests. A malformed response to a DNS request could cause the
application
using Net::DNS to crash or stop responding. (CVE-2007-3409)
SL 3.0.x
SRPMS:
perl-Net-DNS-0.31-4.el3.src.rpm
i386:
perl-Net-DNS-0.31-4.el3.noarch.rpm
x86_64:
perl-Net-DNS-0.31-4.el3.noarch.rpm
SL 4.x
SRPMS:
perl-Net-DNS-0.48-2.el4.src.rpm
i386:
perl-Net-DNS-0.48-2.el4.i386.rpm
x86_64:
perl-Net-DNS-0.48-2.el4.x86_64.rpm
SL 5.x
SRPMS:
perl-Net-DNS-0.59-3.el5.src.rpm
i386:
perl-Net-DNS-0.59-3.el5.i386.rpm
x86_64:
perl-Net-DNS-0.59-3.el5.x86_64.rpm
-Connie Sieh