LISTSERV - SCIENTIFIC-LINUX-ERRATA Archives

SCIENTIFIC-LINUX-ERRATA Archives

October 2014

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV

	LISTSERV Archives
	SCIENTIFIC-LINUX-ERRATA Home
	SCIENTIFIC-LINUX-ERRATA October 2014

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Security ERRATA Moderate: bind97 on SL5.x i386/x86_64
From:	Bonnie King <[log in to unmask]>
Reply To:	[log in to unmask]
Date:	Mon, 13 Oct 2014 15:42:27 +0000
Content-Type:	text/plain
Parts/Attachments:	text/plain (54 lines)

Synopsis:          Moderate: bind97 security and bug fix update
Advisory ID:       SLSA-2014:1244-1
Issue Date:        2014-09-16
CVE Numbers:       CVE-2014-0591
--

A denial of service flaw was found in the way BIND handled queries for
NSEC3-signed zones. A remote attacker could use this flaw against an
authoritative name server that served NCES3-signed zones by sending a
specially crafted query, which, when processed, would cause named to
crash. (CVE-2014-0591)

Note: The CVE-2014-0591 issue does not directly affect the version of
bind97 shipped in Scientific Linux 5. This issue is being addressed
however to assure it is not introduced in future builds of bind97
(possibly built with a different compiler or C library optimization).

This update also fixes the following bug:

* Previously, the bind97 initscript did not check for the existence of the
ROOTDIR variable when shutting down the named daemon. As a consequence,
some parts of the file system that are mounted when using bind97 in a
chroot environment were unmounted on daemon shut down, even if bind97 was
not running in a chroot environment. With this update, the initscript has
been fixed to check for the existence of the ROOTDIR variable when
unmounting some parts of the file system on named daemon shut down. Now,
when shutting down bind97 that is not running in a chroot environment, no
parts of the file system are unmounted.

After installing the update, the BIND daemon (named) will be restarted
automatically.
--

SL5
  x86_64
    bind97-9.7.0-21.P2.el5.x86_64.rpm
    bind97-chroot-9.7.0-21.P2.el5.x86_64.rpm
    bind97-debuginfo-9.7.0-21.P2.el5.i386.rpm
    bind97-debuginfo-9.7.0-21.P2.el5.x86_64.rpm
    bind97-devel-9.7.0-21.P2.el5.i386.rpm
    bind97-devel-9.7.0-21.P2.el5.x86_64.rpm
    bind97-libs-9.7.0-21.P2.el5.i386.rpm
    bind97-libs-9.7.0-21.P2.el5.x86_64.rpm
    bind97-utils-9.7.0-21.P2.el5.x86_64.rpm
  i386
    bind97-9.7.0-21.P2.el5.i386.rpm
    bind97-chroot-9.7.0-21.P2.el5.i386.rpm
    bind97-debuginfo-9.7.0-21.P2.el5.i386.rpm
    bind97-devel-9.7.0-21.P2.el5.i386.rpm
    bind97-libs-9.7.0-21.P2.el5.i386.rpm
    bind97-utils-9.7.0-21.P2.el5.i386.rpm

- Scientific Linux Development Team

ATOM RSS1 RSS2

LISTSERV.FNAL.GOV