             __________________________________________________________

                       The U.S. Department of Energy
                   Computer Incident Advisory Capability
                           ___  __ __    _     ___
                          /       |     /_\   /
                          \___  __|__  /   \  \___
             __________________________________________________________

                             INFORMATION BULLETIN

                             Bind Security Update
                          [Red Hat RHSA-2007:0740-2]

July 26, 2007 19:00 GMT                                           Number R-313
[REVISED 18 Sept 2007]
[REVISED 24 Sept 2007]
______________________________________________________________________________
PROBLEM:       A flaw was found in the way BIND generates outbound DNS query
               IDs.
PLATFORM:      RHEL Desktop Workstation (v. 5 client)
               Red Hat Desktop (v. 3, v. 4)
               Red Hat Enterprise Linux (v. 5 server)
               Red Hat Enterprise Linux AS, ES, WS (v. 2.1, v. 3, v. 4)
               Red Hat Enterprise Linux Desktop (v. 5 client)
               Red Hat Linux Advanced Workstation 2.1 for the Itanium
               Processor
               SGI Advanced Linux Environment 3 Security Update #79
               ProPack 3 Service Pack 6
               HP TCP/IP Services for OpenVMS:
                 Alpha v 5.4, 5.5, 5.6
                 I64 v 5.5, 5.6
DAMAGE:        May allow an attacker to conduct a DNS cache poisoning attack,
               which can result in the DNS server returning incorrect client
               query data.
SOLUTION:      Upgrade to the appropriate version.
______________________________________________________________________________
VULNERABILITY  The risk is LOW. May allow an attacker to conduct a DNS cache
ASSESSMENT:    poisoning attack, which can result in the DNS server returning
               incorrect client query data.
______________________________________________________________________________
LINKS:
 CIAC BULLETIN:      http://www.ciac.org/ciac/bulletins/r-313.shtml
 ORIGINAL BULLETIN:  https://rhn.redhat.com/errata/RHSA-2007-0740.html
 ADDITIONAL LINKS:   SGI Security Advisory 20070801-01-P
                     ProPack3 Service Pack 6
                     http://www.sgi.com/support/security/advisories.html

                     Visit Hewlett-Packard's Subscription Service for:
                     HPSBOV02261 SSRT071449 rev.1 for HP TCP/IP for OpenVMS
 CVE:                http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2926
______________________________________________________________________________
REVISION HISTORY:
09/18/2007 - revised R-313 to add a link to SGI Security Advisory
             20070801-01-P for SGI Advanced Linux Environment 3 Security
             Update #79 ProPack 3 Service Pack 6.
09/24/2007 - revised R-313 to add a link to Hewlett-Packard HPSBOV02261
             SSRT071449 rev.1 for HP TCP/IP Services for OpenVMS Alpha
             v 5.4, 5.5, 5.6; I64 v 5.5, 5.6.

[***** Start Red Hat RHSA-2007:0740-2 *****]

Moderate: bind security update

Advisory:         RHSA-2007:0740-2
Type:             Security Advisory
Severity:         Moderate
Issued on:        2007-07-24
Last updated on:  2007-07-24
Affected Products:
                  RHEL Desktop Workstation (v. 5 client)
                  Red Hat Desktop (v. 3)
                  Red Hat Desktop (v. 4)
                  Red Hat Enterprise Linux (v. 5 server)
                  Red Hat Enterprise Linux AS (v. 2.1)
                  Red Hat Enterprise Linux AS (v. 3)
                  Red Hat Enterprise Linux AS (v. 4)
                  Red Hat Enterprise Linux Desktop (v. 5 client)
                  Red Hat Enterprise Linux ES (v. 2.1)
                  Red Hat Enterprise Linux ES (v. 3)
                  Red Hat Enterprise Linux ES (v. 4)
                  Red Hat Enterprise Linux WS (v. 2.1)
                  Red Hat Enterprise Linux WS (v. 3)
                  Red Hat Enterprise Linux WS (v. 4)
                  Red Hat Linux Advanced Workstation 2.1 for the Itanium
                  Processor
OVAL:             com.redhat.rhsa-20070740.xml
CVEs (cve.mitre.org):
                  CVE-2007-2926

Details

Updated bind packages that fix a security issue are now available.

This update has been rated as having moderate security impact by the Red Hat
Security Response Team.

ISC BIND (Berkeley Internet Name Domain) is an implementation of the DNS
(Domain Name System) protocols.

A flaw was found in the way BIND generates outbound DNS query IDs. If an
attacker is able to acquire a finite set of query IDs, it becomes possible to
accurately predict future query IDs. Future query ID prediction may allow an
attacker to conduct a DNS cache poisoning attack, which can result in the DNS
server returning incorrect client query data. (CVE-2007-2926)

Users of BIND are advised to upgrade to these updated packages, which contain
backported patches to correct this issue.

Solution

Before applying this update, make sure that all previously-released errata
relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red
Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

Updated packages

Updated package version-release for each affected product:

RHEL Desktop Workstation (v. 5 client)
Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)
    9.3.3-9.0.1.el5

Red Hat Desktop (v. 4)
Red Hat Enterprise Linux AS, ES, WS (v. 4)
    9.2.4-27.0.1.el4

Red Hat Desktop (v. 3)
Red Hat Enterprise Linux AS, ES, WS (v. 3)
    9.2.4-21.el3

Red Hat Enterprise Linux AS, ES, WS (v. 2.1)
Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor
    9.2.1-9.el2

(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

248851 - CVE-2007-2926 bind cryptographically weak query ids

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2926
http://www.redhat.com/security/updates/classification/#moderate

--------------------------------------------------------------------------------

These packages are GPG signed by Red Hat for security. Our key and details on
how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at
http://www.redhat.com/security/team/contact/

[***** End Red Hat RHSA-2007:0740-2 *****]
_______________________________________________________________________________

CIAC wishes to acknowledge the contributions of Red Hat for the information
contained in this bulletin.
_______________________________________________________________________________

CIAC, the Computer Incident Advisory Capability, is the computer security
incident response team for the U.S. Department of Energy (DOE) and the
emergency backup response team for the National Institutes of Health (NIH).
CIAC is located at the Lawrence Livermore National Laboratory in Livermore,
California. CIAC is also a founding member of FIRST, the Forum of Incident
Response and Security Teams, a global organization established to foster
cooperation and coordination among computer security teams worldwide.

CIAC services are available to DOE, DOE contractors, and the NIH. CIAC can be
contacted at:

    Voice:    +1 925-422-8193 (7x24)
    FAX:      +1 925-423-8002
    STU-III:  +1 925-423-2604
    E-mail:   ciac@ciac.org

Previous CIAC notices, anti-virus software, and other information are
available from the CIAC Computer Security Archive.

    World Wide Web:  http://www.ciac.org/
    Anonymous FTP:   ftp.ciac.org

PLEASE NOTE: Many users outside of the DOE, ESnet, and NIH computing
communities receive CIAC bulletins. If you are not part of these communities,
please contact your agency's response team to report incidents. Your agency's
team will coordinate with CIAC. The Forum of Incident Response and Security
Teams (FIRST) is a world-wide organization. A list of FIRST member
organizations and their constituencies can be obtained via WWW at
http://www.first.org/.

This document was prepared as an account of work sponsored by an agency of the
United States Government. Neither the United States Government nor the
University of California nor any of their employees, makes any warranty,
express or implied, or assumes any legal liability or responsibility for the
accuracy, completeness, or usefulness of any information, apparatus, product,
or process disclosed, or represents that its use would not infringe privately
owned rights. Reference herein to any specific commercial products, process,
or service by trade name, trademark, manufacturer, or otherwise, does not
necessarily constitute or imply its endorsement, recommendation or favoring by
the United States Government or the University of California. The views and
opinions of authors expressed herein do not necessarily state or reflect those
of the United States Government or the University of California, and shall not
be used for advertising or product endorsement purposes.

LAST 10 CIAC BULLETINS ISSUED (Previous bulletins available from CIAC)

R-303: VideoLan Vulnerability
R-304: Java Runtime Environment Vulnerability
R-305: Tomcat Security Update
R-306: Trillian Instant Messenger Client Vulnerability
R-307: Apple QuickTime 7.2
R-308: Oracle Critical Patch Update - July 2007
R-309: Mozilla Products Security Update
R-310: Gimp Security Vulnerabilities
R-311: FreeType Vulnerability
R-312: Apache Tomcat Vulnerability
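
A patch-status check for the SOLUTION above, added here as an example and not part of the CIAC or Red Hat text: it classifies installed bind package strings against the updated version-release values that RHSA-2007:0740-2 lists for each Red Hat release. The function names, the input format (one NAME-VERSION-RELEASE string per line, as `rpm -qa` prints them) and the sample inventory are assumptions; package epochs and `~`/`^` version markers are not considered.

```python
import re

# Updated bind version-release per dist tag, as listed in RHSA-2007:0740-2.
FIXED = {
    "el2": ("9.2.1", "9.el2"),
    "el3": ("9.2.4", "21.el3"),
    "el4": ("9.2.4", "27.0.1.el4"),
    "el5": ("9.3.3", "9.0.1.el5"),
}

_SEGMENT = re.compile(r"\d+|[A-Za-z]+")


def rpmvercmp(a, b):
    """Compare two version or release strings segment by segment, RPM style.

    Returns 1 if a is newer, -1 if older, 0 if equal. Separators are ignored,
    numeric segments compare as integers and beat alphabetic segments.
    """
    seg_a, seg_b = _SEGMENT.findall(a), _SEGMENT.findall(b)
    for x, y in zip(seg_a, seg_b):
        if x.isdigit() and y.isdigit():
            if int(x) != int(y):
                return 1 if int(x) > int(y) else -1
        elif x.isdigit():
            return 1
        elif y.isdigit():
            return -1
        elif x != y:
            return 1 if x > y else -1
    # All shared segments equal: the string with segments left over is newer.
    return (len(seg_a) > len(seg_b)) - (len(seg_a) < len(seg_b))


def classify(nvr):
    """Return 'fixed', 'vulnerable' or 'unknown' for one NAME-VERSION-RELEASE."""
    parts = nvr.strip().rsplit("-", 2)
    if len(parts) != 3:
        return "unknown"
    name, version, release = parts
    is_bind = name == "bind" or name.startswith("bind-")
    if not (is_bind or name == "caching-nameserver"):
        return "unknown"
    dist = re.search(r"\bel\d+", release)
    if dist is None or dist.group(0) not in FIXED:
        return "unknown"  # not a release covered by this advisory
    fixed_version, fixed_release = FIXED[dist.group(0)]
    order = rpmvercmp(version, fixed_version)
    if order == 0:
        order = rpmvercmp(release, fixed_release)
    return "fixed" if order >= 0 else "vulnerable"


def audit(lines):
    """Map each package string to its classification."""
    return {line.strip(): classify(line) for line in lines if line.strip()}


# Constructed sample inventory; only the strings matching FIXED are real builds
# from the advisory, the older and newer ones are made up for illustration.
SAMPLE = [
    "bind-9.3.3-9.0.1.el5",
    "bind-9.3.3-7.el5",
    "bind-utils-9.2.1-8.el2",
    "bind-libs-9.2.4-27.0.1.el4",
    "bind-9.3.4-10.el5",
    "bind-9.9.4-1.fc20",
]

if __name__ == "__main__":
    for package, status in audit(SAMPLE).items():
        print(f"{status:<10} {package}")
```
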