
Security Advisory Important: bind security update

Advisory: RHSA-2012:1110-1
Type: Security Advisory
Severity: Important
Issued on: 2012-07-23
Last updated on: 2012-07-23
Affected Products: Red Hat Enterprise Linux ELS (v. 4)
CVEs (cve.mitre.org): CVE-2012-1667

Details

Updated bind packages that fix one security issue are now available for
Red Hat Enterprise Linux 4 Extended Life Cycle Support.

The Red Hat Security Response Team has rated this update as having
important security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from the
CVE link in the References section.

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain
Name System (DNS) protocols. BIND includes a DNS server (named); a resolver
library (routines for applications to use when interfacing with DNS); and
tools for verifying that the DNS server is operating correctly.

A flaw was found in the way BIND handled resource records with zero-length
resource data (rdata). A malicious owner of a DNS domain could use this flaw
to create specially crafted DNS resource records that would cause a recursive
resolver or secondary server to crash or, possibly, disclose portions of
its memory. (CVE-2012-1667)
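
One way to check captured DNS responses for the record shape described above, as an added example that is not Red Hat's or ISC's code: the function walks a wire-format message and reports resource records whose RDLENGTH is 0. The function names and the sample message are constructed for illustration; OPT (type 41) is skipped because an empty OPT record is normal, and a hit is a heuristic for review rather than proof of abuse.

```python
import struct

def skip_name(msg, pos):
    """Return the offset just past an encoded (possibly compressed) name."""
    while True:
        if pos >= len(msg):
            raise ValueError("truncated name")
        length = msg[pos]
        if length == 0:
            return pos + 1
        if length & 0xC0 == 0xC0:   # compression pointer: 2 bytes, ends the name
            return pos + 2
        if length & 0xC0:
            raise ValueError("unsupported label type")
        pos += 1 + length

def zero_length_rdata(msg):
    """Return (section, rr_type) for each RR with RDLENGTH 0, OPT excluded."""
    if len(msg) < 12:
        raise ValueError("short header")
    _id, _flags, qd, an, ns, ar = struct.unpack_from("!6H", msg, 0)
    pos = 12
    for _ in range(qd):             # question entries: name + type + class
        pos = skip_name(msg, pos) + 4
    hits = []
    for section, count in (("answer", an), ("authority", ns), ("additional", ar)):
        for _ in range(count):
            pos = skip_name(msg, pos)
            if pos + 10 > len(msg):
                raise ValueError("truncated RR header")
            rtype, _cls, _ttl, rdlen = struct.unpack_from("!HHIH", msg, pos)
            pos += 10
            if pos + rdlen > len(msg):
                raise ValueError("RDLENGTH runs past end of message")
            if rdlen == 0 and rtype != 41:   # an empty OPT (41) is normal
                hits.append((section, rtype))
            pos += rdlen
    return hits

def rr(name, rtype, rclass, ttl, rdata):  # encode one RR for the sample
    return name + struct.pack("!HHIH", rtype, rclass, ttl, len(rdata)) + rdata

# Constructed sample: A record, TXT with empty RDATA, empty EDNS OPT record.
SAMPLE = (struct.pack("!6H", 0x1234, 0x8180, 1, 2, 0, 1)
          + b"\x07example\x03com\x00" + struct.pack("!HH", 1, 1)
          + rr(b"\xc0\x0c", 1, 1, 300, bytes([192, 0, 2, 1]))
          + rr(b"\xc0\x0c", 16, 1, 300, b"")
          + rr(b"\x00", 41, 4096, 0, b""))
if __name__ == "__main__":
    print(zero_length_rdata(SAMPLE))
```
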

Users of bind are advised to upgrade to these updated packages, which
correct this issue. After installing the update, the BIND daemon (named)
will be restarted automatically.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

Updated packages

Red Hat Enterprise Linux ELS (v. 4)

SRPMS:
bind-9.2.4-39.el4.src.rpm
File outdated by:  RHSA-2012:1365
 
IA-32:
bind-9.2.4-39.el4.i386.rpm
File outdated by:  RHSA-2012:1365
bind-chroot-9.2.4-39.el4.i386.rpm
File outdated by:  RHSA-2012:1365
bind-devel-9.2.4-39.el4.i386.rpm
File outdated by:  RHSA-2012:1365
bind-libs-9.2.4-39.el4.i386.rpm
File outdated by:  RHSA-2012:1365
bind-utils-9.2.4-39.el4.i386.rpm
File outdated by:  RHSA-2012:1365
 
IA-64:
bind-9.2.4-39.el4.ia64.rpm
File outdated by:  RHSA-2012:1365
bind-chroot-9.2.4-39.el4.ia64.rpm
File outdated by:  RHSA-2012:1365
bind-devel-9.2.4-39.el4.ia64.rpm
File outdated by:  RHSA-2012:1365
bind-libs-9.2.4-39.el4.i386.rpm
File outdated by:  RHSA-2012:1365
bind-libs-9.2.4-39.el4.ia64.rpm
File outdated by:  RHSA-2012:1365
bind-utils-9.2.4-39.el4.ia64.rpm
File outdated by:  RHSA-2012:1365
 
x86_64:
bind-9.2.4-39.el4.x86_64.rpm
File outdated by:  RHSA-2012:1365
bind-chroot-9.2.4-39.el4.x86_64.rpm
File outdated by:  RHSA-2012:1365
bind-devel-9.2.4-39.el4.x86_64.rpm
File outdated by:  RHSA-2012:1365
bind-libs-9.2.4-39.el4.i386.rpm
File outdated by:  RHSA-2012:1365
bind-libs-9.2.4-39.el4.x86_64.rpm
File outdated by:  RHSA-2012:1365
bind-utils-9.2.4-39.el4.x86_64.rpm
File outdated by:  RHSA-2012:1365
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see Bugzilla for more information)

828078 - CVE-2012-1667 bind: handling of zero length rdata can cause named to terminate unexpectedly


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/