The latest version is bind-9.2.4-30.el4_8.4 for 4.x .
-connie sieh
On Thu, 30 Jul 2009, Connie Sieh wrote:
> Larry,
>
> It takes a really long time to move a errata to our ftp server. The time is
> in the createrepo and repoview creation. It should be there soon. I think
> that 47 , 46, 45 are done now for x86_64 and all of the i386 ones are not
> done.
>
> You also may need to do a clean all to clean out the yum cache.
>
> -Connie Sieh
>
> On Thu, 30 Jul 2009, P. Larry Nelson wrote:
>
>> Connie,
>>
>> On every SL4.7 system I tried, doing a 'yum update', I'm getting
>> "No Packages marked for Update/Obsoletion".
>>
>> Checking which bind-libs and bind-utils I have, I'm getting
>> version: 9.2.4-30.el4_7.1.
>>
>> Now, the weird part - I first tried (after the message below arrived)
>> on my test virtual system SL4.7 (guest OS on VMWare) with 'yum update'
>> and (besides the new kernel) I got version: 9.2.4-30.el4_8.4 of the
>> bind rpm's.
>>
>> - Larry
>>
>> Connie Sieh wrote on 7/30/2009 12:31 PM:
>> > Synopsis: Important: bind security and bug fix update
>> > CVE: CVE-2009-0696
>> >
>> > CVE-2009-0696 bind: DoS (assertion failure) via nsupdate packets
>> >
>> >
>> > A flaw was found in the way BIND handles dynamic update message packets
>> > containing the "ANY" record type. A remote attacker could use this flaw
>> > to
>> > send a specially-crafted dynamic update packet that could cause named
>> > to
>> > exit with an assertion failure. (CVE-2009-0696)
>> >
>> > Note: even if named is not configured for dynamic updates, receiving
>> > such
>> > a specially-crafted dynamic update packet could still cause named to
>> > exit
>> > unexpectedly.
>> >
>> > This update also fixes the following bug:
>> >
>> > * when running on a system receiving a large number of (greater than
>> > 4,000)
>> > DNS requests per second, the named DNS nameserver became unresponsive,
>> > and
>> > the named service had to be restarted in order for it to continue
>> > serving
>> > requests. This was caused by a deadlock occurring between two threads
>> > that
>> > led to the inability of named to continue to service requests. This
>> > deadlock has been resolved with these updated packages so that named no
>> > longer becomes unresponsive under heavy load. (BZ#512668)
>> >
>> > After installing the update, the BIND daemon (named) will be restarted
>> > automatically.
>> >
>> > SRPM:
>> > bind-9.2.4-30.el4_8.4.src.rpm
>> >
>> > i386:
>> > bind-9.2.4-30.el4_8.4.i386.rpm
>> > bind-chroot-9.2.4-30.el4_8.4.i386.rpm
>> > bind-devel-9.2.4-30.el4_8.4.i386.rpm
>> > bind-libs-9.2.4-30.el4_8.4.i386.rpm
>> > bind-utils-9.2.4-30.el4_8.4.i386.rpm
>> >
>> > x86_64:
>> > bind-9.2.4-30.el4_8.4.x86_64.rpm
>> > bind-chroot-9.2.4-30.el4_8.4.x86_64.rpm
>> > bind-devel-9.2.4-30.el4_8.4.x86_64.rpm
>> > bind-libs-9.2.4-30.el4_8.4.i386.rpm
>> > bind-libs-9.2.4-30.el4_8.4.x86_64.rpm
>> > bind-utils-9.2.4-30.el4_8.4.x86_64.rpm
>> >
>> > -Connie Sieh
>> > -Troy Dawson
>>
>>
>> --
>> P. Larry Nelson (217-244-9855) | Systems/Network Administrator
>> 461 Loomis Lab | High Energy Physics Group
>> 1110 W. Green St., Urbana, IL | Physics Dept., Univ. of Ill.
>> MailTo:[log in to unmask] | http://www.roadkill.com/lnelson/
>> -------------------------------------------------------------------
>> "Information without accountability is just noise." - P.L. Nelson
>>
>
>
|
