Skip to navigation

Security Advisory Moderate: bind security update

Advisory: RHSA-2007:0057-3
Type: Security Advisory
Severity: Moderate
Issued on: 2007-03-14
Last updated on: 2007-03-14
Affected Products: RHEL Desktop Workstation (v. 5 client)
Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)
CVEs (cve.mitre.org): CVE-2007-0493
CVE-2007-0494

Details

Updated bind packages that fix a security issue and a bug are now available
for Red Hat Enterprise Linux 5.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

ISC BIND (Berkeley Internet Name Domain) is an implementation of the DNS
(Domain Name System) protocols.

A flaw was found in the way BIND processed certain DNS query responses. On
servers that had enabled DNSSEC validation, this could allow a remote
attacker to cause a denial of service. (CVE-2007-0494)

A use-after-free flaw was found in BIND. On servers that have recursion
enabled, this could allow a remote attacker to cause a denial of service.
(CVE-2007-0493)

Users of BIND are advised to upgrade to these updated packages, which
contain backported patches to correct these issues.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

Updated packages

RHEL Desktop Workstation (v. 5 client)

SRPMS:
bind-9.3.3-8.el5.src.rpm
File outdated by:  RHBA-2013:0136
    MD5: 061e9150a2729ef73db3f42224f9ec4a
 
IA-32:
bind-chroot-9.3.3-8.el5.i386.rpm
File outdated by:  RHBA-2013:0136
    MD5: 3a8443e9f2da36135da2a8c002e9a571
bind-devel-9.3.3-8.el5.i386.rpm
File outdated by:  RHBA-2013:0136
    MD5: 2560fb157737b50781f0000b24fed60c
bind-libbind-devel-9.3.3-8.el5.i386.rpm
File outdated by:  RHBA-2013:0136
    MD5: 7103ae91f3663539a16a2a38152aa92a
caching-nameserver-9.3.3-8.el5.i386.rpm
File outdated by:  RHBA-2013:0136
    MD5: ed3a96d19f0668ded01e63d6b422e3d2
 
x86_64:
bind-chroot-9.3.3-8.el5.x86_64.rpm
File outdated by:  RHBA-2013:0136
    MD5: 1600c5327978f14cff4e3d6c723cd56e
bind-devel-9.3.3-8.el5.i386.rpm
File outdated by:  RHBA-2013:0136
    MD5: 2560fb157737b50781f0000b24fed60c
bind-devel-9.3.3-8.el5.x86_64.rpm
File outdated by:  RHBA-2013:0136
    MD5: 614c450db2303add7d716f9598ee4b9b
bind-libbind-devel-9.3.3-8.el5.i386.rpm
File outdated by:  RHBA-2013:0136
    MD5: 7103ae91f3663539a16a2a38152aa92a
bind-libbind-devel-9.3.3-8.el5.x86_64.rpm
File outdated by:  RHBA-2013:0136
    MD5: 07eb939ce9b72a601a11edd744234499
caching-nameserver-9.3.3-8.el5.x86_64.rpm
File outdated by:  RHBA-2013:0136
    MD5: 13fcf98bf097c8f5066941527658422b
 
Red Hat Enterprise Linux (v. 5 server)

SRPMS:
bind-9.3.3-8.el5.src.rpm
File outdated by:  RHBA-2013:0136
    MD5: 061e9150a2729ef73db3f42224f9ec4a
 
IA-32:
bind-9.3.3-8.el5.i386.rpm
File outdated by:  RHBA-2013:0136
    MD5: d1b235753f0a30bf50c686b8889bdabb
bind-chroot-9.3.3-8.el5.i386.rpm
File outdated by:  RHBA-2013:0136
    MD5: 3a8443e9f2da36135da2a8c002e9a571
bind-devel-9.3.3-8.el5.i386.rpm
File outdated by:  RHBA-2013:0136
    MD5: 2560fb157737b50781f0000b24fed60c
bind-libbind-devel-9.3.3-8.el5.i386.rpm
File outdated by:  RHBA-2013:0136
    MD5: 7103ae91f3663539a16a2a38152aa92a
bind-libs-9.3.3-8.el5.i386.rpm
File outdated by:  RHBA-2013:0136
    MD5: 0c9077d8950b18efe21714dded6c94c0
bind-sdb-9.3.3-8.el5.i386.rpm
File outdated by:  RHBA-2013:0136
    MD5: 5b6f33360d14530cedaabfeb018772af
bind-utils-9.3.3-8.el5.i386.rpm
File outdated by:  RHBA-2013:0136
    MD5: 9b7d14e4e7247d26b4ab1c670c295f8c
caching-nameserver-9.3.3-8.el5.i386.rpm
File outdated by:  RHBA-2013:0136
    MD5: ed3a96d19f0668ded01e63d6b422e3d2
 
IA-64:
bind-9.3.3-8.el5.ia64.rpm
File outdated by:  RHBA-2013:0136
    MD5: 08f4fd9cbb47d965af28da56ccd26eca
bind-chroot-9.3.3-8.el5.ia64.rpm
File outdated by:  RHBA-2013:0136
    MD5: 7411dc9f8cd53f8856d4b9c2fdf067ca
bind-devel-9.3.3-8.el5.ia64.rpm
File outdated by:  RHBA-2013:0136
    MD5: 1d16d639b459fe2b2a9dbb306407cdea
bind-libbind-devel-9.3.3-8.el5.ia64.rpm
File outdated by:  RHBA-2013:0136
    MD5: 881a976fd60622c832e5b765e3a8729a
bind-libs-9.3.3-8.el5.i386.rpm
File outdated by:  RHBA-2013:0136
    MD5: 0c9077d8950b18efe21714dded6c94c0
bind-libs-9.3.3-8.el5.ia64.rpm
File outdated by:  RHBA-2013:0136
    MD5: fda8d77c60383c569e4eb17f6b066c58
bind-sdb-9.3.3-8.el5.ia64.rpm
File outdated by:  RHBA-2013:0136
    MD5: b9c03a97fc999979339c7d5c4f1ca697
bind-utils-9.3.3-8.el5.ia64.rpm
File outdated by:  RHBA-2013:0136
    MD5: cdbd214f638e98281402a5691883896f
caching-nameserver-9.3.3-8.el5.ia64.rpm
File outdated by:  RHBA-2013:0136
    MD5: 85f4480c97389bdb422e2e5431830dd3
 
PPC:
bind-9.3.3-8.el5.ppc.rpm
File outdated by:  RHBA-2013:0136
    MD5: 97eb06f5f63d9b1dd8d8ef041a877632
bind-chroot-9.3.3-8.el5.ppc.rpm
File outdated by:  RHBA-2013:0136
    MD5: a865dd4b52d40727d7ced7146942d088
bind-devel-9.3.3-8.el5.ppc.rpm
File outdated by:  RHBA-2013:0136
    MD5: 807d87da920d8767cd7be81ec9b23321
bind-devel-9.3.3-8.el5.ppc64.rpm
File outdated by:  RHBA-2013:0136
    MD5: e2e769b4315e07e7195806a9c005cffe
bind-libbind-devel-9.3.3-8.el5.ppc.rpm
File outdated by:  RHBA-2013:0136
    MD5: 4ecaa16632585f2216d63021586e48a7
bind-libbind-devel-9.3.3-8.el5.ppc64.rpm
File outdated by:  RHBA-2013:0136
    MD5: 4e678e537581aa6b6a74d364d74f69d4
bind-libs-9.3.3-8.el5.ppc.rpm
File outdated by:  RHBA-2013:0136
    MD5: dec1559e9bb45aa632847eb6ddc934a9
bind-libs-9.3.3-8.el5.ppc64.rpm
File outdated by:  RHBA-2013:0136
    MD5: 6b22f1a2277a9667bb20ab80cdb8483f
bind-sdb-9.3.3-8.el5.ppc.rpm
File outdated by:  RHBA-2013:0136
    MD5: 55d0288209e14a9bede395a24d0e93ac
bind-utils-9.3.3-8.el5.ppc.rpm
File outdated by:  RHBA-2013:0136
    MD5: b13aae75cb909caaf8a8a23ded7e8041
caching-nameserver-9.3.3-8.el5.ppc.rpm
File outdated by:  RHBA-2013:0136
    MD5: f0b76f1c2623f5fc385d4f12ef466550
 
s390x:
bind-9.3.3-8.el5.s390x.rpm
File outdated by:  RHBA-2013:0136
    MD5: c26913a7906a9c810ab21adfbf0f811f
bind-chroot-9.3.3-8.el5.s390x.rpm
File outdated by:  RHBA-2013:0136
    MD5: db3adf531b274576542b2a974d467742
bind-devel-9.3.3-8.el5.s390.rpm
File outdated by:  RHBA-2013:0136
    MD5: 74fb9b7fdbe7ed9642e326f39b9e64ba
bind-devel-9.3.3-8.el5.s390x.rpm
File outdated by:  RHBA-2013:0136
    MD5: ffa2fd4199b49d1ad2860d775cc8981c
bind-libbind-devel-9.3.3-8.el5.s390.rpm
File outdated by:  RHBA-2013:0136
    MD5: a023669dd68fca0a1f328eaf0edb5688
bind-libbind-devel-9.3.3-8.el5.s390x.rpm
File outdated by:  RHBA-2013:0136
    MD5: cd44c6c7d65036db055bdb184e98ecb7
bind-libs-9.3.3-8.el5.s390.rpm
File outdated by:  RHBA-2013:0136
    MD5: 14ab6cea9014c1b219360ea63b878012
bind-libs-9.3.3-8.el5.s390x.rpm
File outdated by:  RHBA-2013:0136
    MD5: 1c4675bdd52331f7f89b0b3a92cb3ce2
bind-sdb-9.3.3-8.el5.s390x.rpm
File outdated by:  RHBA-2013:0136
    MD5: f434705fdaa4918f9957391518a30f02
bind-utils-9.3.3-8.el5.s390x.rpm
File outdated by:  RHBA-2013:0136
    MD5: db6d7c3622e1306bc816352ca06ddbc2
caching-nameserver-9.3.3-8.el5.s390x.rpm
File outdated by:  RHBA-2013:0136
    MD5: 52aa7545a263150a525a44f0389d2205
 
x86_64:
bind-9.3.3-8.el5.x86_64.rpm
File outdated by:  RHBA-2013:0136
    MD5: 4d22697b70add12f9c124cc8cf286859
bind-chroot-9.3.3-8.el5.x86_64.rpm
File outdated by:  RHBA-2013:0136
    MD5: 1600c5327978f14cff4e3d6c723cd56e
bind-devel-9.3.3-8.el5.i386.rpm
File outdated by:  RHBA-2013:0136
    MD5: 2560fb157737b50781f0000b24fed60c
bind-devel-9.3.3-8.el5.x86_64.rpm
File outdated by:  RHBA-2013:0136
    MD5: 614c450db2303add7d716f9598ee4b9b
bind-libbind-devel-9.3.3-8.el5.i386.rpm
File outdated by:  RHBA-2013:0136
    MD5: 7103ae91f3663539a16a2a38152aa92a
bind-libbind-devel-9.3.3-8.el5.x86_64.rpm
File outdated by:  RHBA-2013:0136
    MD5: 07eb939ce9b72a601a11edd744234499
bind-libs-9.3.3-8.el5.i386.rpm
File outdated by:  RHBA-2013:0136
    MD5: 0c9077d8950b18efe21714dded6c94c0
bind-libs-9.3.3-8.el5.x86_64.rpm
File outdated by:  RHBA-2013:0136
    MD5: dafc0a981792ee6504a665a0cd529d01
bind-sdb-9.3.3-8.el5.x86_64.rpm
File outdated by:  RHBA-2013:0136
    MD5: c05f0ec51d2439f4dd8f27b21bdbfe4f
bind-utils-9.3.3-8.el5.x86_64.rpm
File outdated by:  RHBA-2013:0136
    MD5: 7251b73070a92dc90be41b0372000f61
caching-nameserver-9.3.3-8.el5.x86_64.rpm
File outdated by:  RHBA-2013:0136
    MD5: 13fcf98bf097c8f5066941527658422b
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
bind-9.3.3-8.el5.src.rpm
File outdated by:  RHBA-2013:0136
    MD5: 061e9150a2729ef73db3f42224f9ec4a
 
IA-32:
bind-9.3.3-8.el5.i386.rpm
File outdated by:  RHBA-2013:0136
    MD5: d1b235753f0a30bf50c686b8889bdabb
bind-libs-9.3.3-8.el5.i386.rpm
File outdated by:  RHBA-2013:0136
    MD5: 0c9077d8950b18efe21714dded6c94c0
bind-sdb-9.3.3-8.el5.i386.rpm
File outdated by:  RHBA-2013:0136
    MD5: 5b6f33360d14530cedaabfeb018772af
bind-utils-9.3.3-8.el5.i386.rpm
File outdated by:  RHBA-2013:0136
    MD5: 9b7d14e4e7247d26b4ab1c670c295f8c
 
x86_64:
bind-9.3.3-8.el5.x86_64.rpm
File outdated by:  RHBA-2013:0136
    MD5: 4d22697b70add12f9c124cc8cf286859
bind-libs-9.3.3-8.el5.i386.rpm
File outdated by:  RHBA-2013:0136
    MD5: 0c9077d8950b18efe21714dded6c94c0
bind-libs-9.3.3-8.el5.x86_64.rpm
File outdated by:  RHBA-2013:0136
    MD5: dafc0a981792ee6504a665a0cd529d01
bind-sdb-9.3.3-8.el5.x86_64.rpm
File outdated by:  RHBA-2013:0136
    MD5: c05f0ec51d2439f4dd8f27b21bdbfe4f
bind-utils-9.3.3-8.el5.x86_64.rpm
File outdated by:  RHBA-2013:0136
    MD5: 7251b73070a92dc90be41b0372000f61
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

224445 - CVE-2007-0493 BIND might crash after attempting to read free()-ed memory
225229 - CVE-2007-0494 BIND dnssec denial of service


References


Keywords

bind, dnssec, named


These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/