Synopsis: Important: bind security update Issue Date: 2011-05-31 CVE Numbers: CVE-2011-1910 The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. An off-by-one flaw was found in the way BIND processed negative responses with large resource record sets (RRSets). An attacker able to send recursive queries to a BIND server that is configured as a caching resolver could use this flaw to cause named to exit with an assertion failure. (CVE-2011-1910) All BIND users are advised to upgrade to these updated packages, which resolve this issue. After installing the update, the BIND daemon (named) will be restarted automatically. Dependancies: bind-dyndb-ldap was required to be updated to 0.2.0-1.el6 due to dependancies. SL6: x86_64 bind-utils-9.7.3-2.el6_1.P1.1.x86_64.rpm bind-sdb-9.7.3-2.el6_1.P1.1.x86_64.rpm bind-libs-9.7.3-2.el6_1.P1.1.x86_64.rpm bind-libs-9.7.3-2.el6_1.P1.1.i686.rpm bind-devel-9.7.3-2.el6_1.P1.1.x86_64.rpm bind-devel-9.7.3-2.el6_1.P1.1.i686.rpm bind-debuginfo-9.7.3-2.el6_1.P1.1.x86_64.rpm bind-debuginfo-9.7.3-2.el6_1.P1.1.i686.rpm bind-chroot-9.7.3-2.el6_1.P1.1.x86_64.rpm bind-9.7.3-2.el6_1.P1.1.x86_64.rpm bind-dyndb-ldap-0.2.0-1.el6.x86_64.rpm i386 bind-chroot-9.7.3-2.el6_1.P1.1.i686.rpm bind-debuginfo-9.7.3-2.el6_1.P1.1.i686.rpm bind-devel-9.7.3-2.el6_1.P1.1.i686.rpm bind-libs-9.7.3-2.el6_1.P1.1.i686.rpm bind-sdb-9.7.3-2.el6_1.P1.1.i686.rpm bind-utils-9.7.3-2.el6_1.P1.1.i686.rpm bind-9.7.3-2.el6_1.P1.1.i686.rpm bind-dyndb-ldap-0.2.0-1.el6.i686.rpm - Scientific Linux Development Team