Synopsis: Moderate: bind security update Issue date: 2009-01-08 CVE Names: CVE-2009-0025 A flaw was discovered in the way BIND checked the return value of the OpenSSL DSA_do_verify function. On systems using DNSSEC, a malicious zone could present a malformed DSA certificate and bypass proper certificate validation, allowing spoofing attacks. (CVE-2009-0025) For users of Red Hat Enterprise Linux 3 this update also addresses a bug which can cause BIND to occasionally exit with an assertion failure. After installing theupdate, BIND daemon will be restarted automatically. SL 3.0.x SRPMS: bind-9.2.4-23.el3.src.rpm i386: bind-9.2.4-23.el3.i386.rpm bind-chroot-9.2.4-23.el3.i386.rpm bind-devel-9.2.4-23.el3.i386.rpm bind-libs-9.2.4-23.el3.i386.rpm bind-utils-9.2.4-23.el3.i386.rpm x86_64: bind-9.2.4-23.el3.x86_64.rpm bind-chroot-9.2.4-23.el3.x86_64.rpm bind-devel-9.2.4-23.el3.x86_64.rpm bind-libs-9.2.4-23.el3.x86_64.rpm bind-utils-9.2.4-23.el3.x86_64.rpm SL 4.x SRPMS: bind-9.2.4-30.el4_7.1.src.rpm i386: bind-9.2.4-30.el4_7.1.i386.rpm bind-chroot-9.2.4-30.el4_7.1.i386.rpm bind-devel-9.2.4-30.el4_7.1.i386.rpm bind-libs-9.2.4-30.el4_7.1.i386.rpm bind-utils-9.2.4-30.el4_7.1.i386.rpm x86_64: bind-9.2.4-30.el4_7.1.x86_64.rpm bind-chroot-9.2.4-30.el4_7.1.x86_64.rpm bind-devel-9.2.4-30.el4_7.1.x86_64.rpm bind-libs-9.2.4-30.el4_7.1.i386.rpm bind-libs-9.2.4-30.el4_7.1.x86_64.rpm bind-utils-9.2.4-30.el4_7.1.x86_64.rpm SL 5.x SRPMS: bind-9.3.4-6.0.3.P1.el5_2.src.rpm i386: bind-9.3.4-6.0.3.P1.el5_2.i386.rpm bind-chroot-9.3.4-6.0.3.P1.el5_2.i386.rpm bind-devel-9.3.4-6.0.3.P1.el5_2.i386.rpm bind-libbind-devel-9.3.4-6.0.3.P1.el5_2.i386.rpm bind-libs-9.3.4-6.0.3.P1.el5_2.i386.rpm bind-sdb-9.3.4-6.0.3.P1.el5_2.i386.rpm bind-utils-9.3.4-6.0.3.P1.el5_2.i386.rpm caching-nameserver-9.3.4-6.0.3.P1.el5_2.i386.rpm x86_64: bind-9.3.4-6.0.3.P1.el5_2.x86_64.rpm bind-chroot-9.3.4-6.0.3.P1.el5_2.x86_64.rpm bind-devel-9.3.4-6.0.3.P1.el5_2.i386.rpm bind-devel-9.3.4-6.0.3.P1.el5_2.x86_64.rpm bind-libbind-devel-9.3.4-6.0.3.P1.el5_2.i386.rpm bind-libbind-devel-9.3.4-6.0.3.P1.el5_2.x86_64.rpm bind-libs-9.3.4-6.0.3.P1.el5_2.i386.rpm bind-libs-9.3.4-6.0.3.P1.el5_2.x86_64.rpm bind-sdb-9.3.4-6.0.3.P1.el5_2.x86_64.rpm bind-utils-9.3.4-6.0.3.P1.el5_2.x86_64.rpm caching-nameserver-9.3.4-6.0.3.P1.el5_2.x86_64.rpm -Connie Sieh -Troy Dawson