Synopsis: Important: bind security update
Issue date: 2010-12-20
CVE Names: CVE-2010-3613
It was discovered that named did not invalidate previously cached SIG
records when adding an NCACHE record for the same entry to the cache. A
remote attacker allowed to send recursive DNS queries to named could use
this flaw to crash named. (CVE-2010-3613)
After installing the update, the BIND daemon (named) will be restarted
automatically.
SL 4.x
SRPMS:
bind-9.2.4-30.el4_8.6.src.rpm
i386:
bind-9.2.4-30.el4_8.6.i386.rpm
bind-chroot-9.2.4-30.el4_8.6.i386.rpm
bind-devel-9.2.4-30.el4_8.6.i386.rpm
bind-libs-9.2.4-30.el4_8.6.i386.rpm
bind-utils-9.2.4-30.el4_8.6.i386.rpm
x86_64:
bind-9.2.4-30.el4_8.6.x86_64.rpm
bind-chroot-9.2.4-30.el4_8.6.x86_64.rpm
bind-devel-9.2.4-30.el4_8.6.x86_64.rpm
bind-libs-9.2.4-30.el4_8.6.i386.rpm
bind-libs-9.2.4-30.el4_8.6.x86_64.rpm
bind-utils-9.2.4-30.el4_8.6.x86_64.rpm
-Connie Sieh
-Troy Dawson