Nom du paquet
bind
Date
2007-07-25
Advisory ID
MDKSA-2007:149
Affected versions
CS4.0 x86_64 , MNF2.0 i586 , 2007.0 x86_64 , 2007.1 i586 , 2007.0 i586 , CS3.0 x86_64 , CS4.0 i586 , CS3.0 i586 , 2007.1 x86_64

Problem description

The DNS query id generation code in BIND9 is vulnerable to
cryptographic analysis which provides a 1-in-8 change of guessing the
next query ID for 50% of the query IDs, which could be used by a remote
attacker to perform cache poisoning by an attacker (CVE-2007-2926).

As well, in BIND9 9.4.x, the default ACLs were note being correctly
set, which could allow anyone to make recursive queries and/or query
the cache contents (CVE-2007-2925).

This update provides packages which are patched to prevent these
issues.

Updated packages

CS4.0 x86_64

 c7a8dfd717b9a09d8dc41a3cb965dc5b  corporate/4.0/x86_64/bind-9.3.2-7.3.20060mlcs4.x86_64.rpm
 138e7372d556d5d9e4752fd8b0f2a51f  corporate/4.0/x86_64/bind-devel-9.3.2-7.3.20060mlcs4.x86_64.rpm
 bea2637f03f65bb5348518be66829d73  corporate/4.0/x86_64/bind-utils-9.3.2-7.3.20060mlcs4.x86_64.rpm 
 e36c4caca840fb114238bffa3875e8a5  corporate/4.0/SRPMS/bind-9.3.2-7.3.20060mlcs4.src.rpm

MNF2.0 i586

 518dcd7390cbb5e05d2303ca1743c793  mnf/2.0/i586/bind-9.2.3-6.4.M20mdk.i586.rpm
 22b28fe7739525ac2fe596a522473c32  mnf/2.0/i586/bind-devel-9.2.3-6.4.M20mdk.i586.rpm
 a6cb4e78f4f0f59a173ac58abd50011c  mnf/2.0/i586/bind-utils-9.2.3-6.4.M20mdk.i586.rpm 
 00a33a7531bbf5bad6d74bb9f3978a78  mnf/2.0/SRPMS/bind-9.2.3-6.4.M20mdk.src.rpm

2007.0 x86_64

 7fe09bf456f8a4d83ee7e4caad08b791  2007.0/x86_64/bind-9.3.2-8.3mdv2007.0.x86_64.rpm
 e5d4a371c47e6a6f6567c454766ea734  2007.0/x86_64/bind-devel-9.3.2-8.3mdv2007.0.x86_64.rpm
 5a41c963b1e5fab7515856f14ec4c3c4  2007.0/x86_64/bind-utils-9.3.2-8.3mdv2007.0.x86_64.rpm 
 557c41948b1ff0e4f329e2592c0dcb9f  2007.0/SRPMS/bind-9.3.2-8.3mdv2007.0.src.rpm

2007.1 i586

 c5edcec0bc385a1a2c717963b0f15dc0  2007.1/i586/bind-9.4.1-0.2mdv2007.1.i586.rpm
 9c579fed148a85a852b73828613cafde  2007.1/i586/bind-devel-9.4.1-0.2mdv2007.1.i586.rpm
 9a761cb0c7128b83522934b2d9cc2dfc  2007.1/i586/bind-utils-9.4.1-0.2mdv2007.1.i586.rpm 
 af14ae7948a33b1bf21d9bcafbf0e98e  2007.1/SRPMS/bind-9.4.1-0.2mdv2007.1.src.rpm

2007.0 i586

 2ebbd9a8148b7b4f05d255724627e348  2007.0/i586/bind-9.3.2-8.3mdv2007.0.i586.rpm
 386aa2bab5b3e23cb0c6f19bc17b0cd5  2007.0/i586/bind-devel-9.3.2-8.3mdv2007.0.i586.rpm
 d8e4b592f2d0fa630e32c23c50ab2565  2007.0/i586/bind-utils-9.3.2-8.3mdv2007.0.i586.rpm 
 557c41948b1ff0e4f329e2592c0dcb9f  2007.0/SRPMS/bind-9.3.2-8.3mdv2007.0.src.rpm

CS3.0 x86_64

 1394468eeb12fb9c2c52147eb1637a83  corporate/3.0/x86_64/bind-9.2.3-6.4.C30mdk.x86_64.rpm
 cd488003e8eb7174aa844896ace756f2  corporate/3.0/x86_64/bind-devel-9.2.3-6.4.C30mdk.x86_64.rpm
 f2fb153097f51bc2e99e31051b8b83cb  corporate/3.0/x86_64/bind-utils-9.2.3-6.4.C30mdk.x86_64.rpm 
 bf83bec867df0283d4977e50b8a51a09  corporate/3.0/SRPMS/bind-9.2.3-6.4.C30mdk.src.rpm

CS4.0 i586

 324fe3327eada40144bf44b4a31ba869  corporate/4.0/i586/bind-9.3.2-7.3.20060mlcs4.i586.rpm
 c2f1b22c3edd38f9a8c87d96ca36b271  corporate/4.0/i586/bind-devel-9.3.2-7.3.20060mlcs4.i586.rpm
 6f1cc8352c44a5ecf3affaf86981d505  corporate/4.0/i586/bind-utils-9.3.2-7.3.20060mlcs4.i586.rpm 
 e36c4caca840fb114238bffa3875e8a5  corporate/4.0/SRPMS/bind-9.3.2-7.3.20060mlcs4.src.rpm

CS3.0 i586

 d0dae82e4a5f3e1e4c13c8886daa7e7b  corporate/3.0/i586/bind-9.2.3-6.4.C30mdk.i586.rpm
 237a8a3b0d0f3407a93a7f308eb7ac06  corporate/3.0/i586/bind-devel-9.2.3-6.4.C30mdk.i586.rpm
 abcf17e76c7cdf8ec8e6bbef2adfd79c  corporate/3.0/i586/bind-utils-9.2.3-6.4.C30mdk.i586.rpm 
 bf83bec867df0283d4977e50b8a51a09  corporate/3.0/SRPMS/bind-9.2.3-6.4.C30mdk.src.rpm

2007.1 x86_64

 7a612949e7810f83e1322a574be9500c  2007.1/x86_64/bind-9.4.1-0.2mdv2007.1.x86_64.rpm
 ece5e802b3d5928999c34b1f9c95dfc8  2007.1/x86_64/bind-devel-9.4.1-0.2mdv2007.1.x86_64.rpm
 b3ccec62bfc5d07b9858f04ce8de8fd1  2007.1/x86_64/bind-utils-9.4.1-0.2mdv2007.1.x86_64.rpm 
 af14ae7948a33b1bf21d9bcafbf0e98e  2007.1/SRPMS/bind-9.4.1-0.2mdv2007.1.src.rpm

References