Red Hat Product Errata RHSA-2007:0675 - Security Advisory
Issued:
2007-07-12
Updated:
2007-07-12

RHSA-2007:0675 - Security Advisory

Synopsis

Moderate: perl-Net-DNS security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An updated perl-Net-DNS package that corrects a security issue is now
available for Red Hat Enterprise Linux 4.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

Description

Net::DNS is a collection of Perl modules that act as a Domain Name System
(DNS) resolver.

A flaw was found in the way Net::DNS generated the ID field in a DNS query.
This predictable ID field could be used by a remote attacker to return
invalid DNS data. (CVE-2007-3377)

Users of Net::DNS should upgrade to this updated package, which contains
backported patches to correct this issue.

Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

Affected Products

  • Red Hat Enterprise Linux Server 4 x86_64
  • Red Hat Enterprise Linux Server 4 ia64
  • Red Hat Enterprise Linux Server 4 i386
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 4.5 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 4.5 ia64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 4.5 i386
  • Red Hat Enterprise Linux Workstation 4 x86_64
  • Red Hat Enterprise Linux Workstation 4 ia64
  • Red Hat Enterprise Linux Workstation 4 i386
  • Red Hat Enterprise Linux Desktop 4 x86_64
  • Red Hat Enterprise Linux Desktop 4 i386
  • Red Hat Enterprise Linux for IBM z Systems 4 s390x
  • Red Hat Enterprise Linux for IBM z Systems 4 s390
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 4.5 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 4.5 s390
  • Red Hat Enterprise Linux for Power, big endian 4 ppc
  • Red Hat Enterprise Linux for Power, big endian - Extended Update Support 4.5 ppc

Fixes

  • BZ - 245466 - CVE-2007-3377 perl-net-DNS security issue

Red Hat Enterprise Linux Server 4

SRPM
perl-Net-DNS-0.48-2.el4.src.rpm SHA-256: e7cc1d5ff855bdce4ef11216495824722fa2ce4517a55f9f77efc467224c276f
x86_64
perl-Net-DNS-0.48-2.el4.x86_64.rpm SHA-256: 934164a013ab1518427616627d32067129892d6d80e15e1d0580d642d8a0895d
perl-Net-DNS-0.48-2.el4.x86_64.rpm SHA-256: 934164a013ab1518427616627d32067129892d6d80e15e1d0580d642d8a0895d
ia64
perl-Net-DNS-0.48-2.el4.ia64.rpm SHA-256: 46eeba98e875e3762a3e50be9368a9e39b3f5bb2cd2c694af647a98a15bb3bb1
perl-Net-DNS-0.48-2.el4.ia64.rpm SHA-256: 46eeba98e875e3762a3e50be9368a9e39b3f5bb2cd2c694af647a98a15bb3bb1
i386
perl-Net-DNS-0.48-2.el4.i386.rpm SHA-256: 2d7889199e0cf5f58be14a16c85c6289960f9b831536e0bfabd551bac960df31
perl-Net-DNS-0.48-2.el4.i386.rpm SHA-256: 2d7889199e0cf5f58be14a16c85c6289960f9b831536e0bfabd551bac960df31

Red Hat Enterprise Linux for x86_64 - Extended Update Support 4.5

SRPM
perl-Net-DNS-0.48-2.el4.src.rpm SHA-256: e7cc1d5ff855bdce4ef11216495824722fa2ce4517a55f9f77efc467224c276f
x86_64
perl-Net-DNS-0.48-2.el4.x86_64.rpm SHA-256: 934164a013ab1518427616627d32067129892d6d80e15e1d0580d642d8a0895d
perl-Net-DNS-0.48-2.el4.x86_64.rpm SHA-256: 934164a013ab1518427616627d32067129892d6d80e15e1d0580d642d8a0895d
ia64
perl-Net-DNS-0.48-2.el4.ia64.rpm SHA-256: 46eeba98e875e3762a3e50be9368a9e39b3f5bb2cd2c694af647a98a15bb3bb1
perl-Net-DNS-0.48-2.el4.ia64.rpm SHA-256: 46eeba98e875e3762a3e50be9368a9e39b3f5bb2cd2c694af647a98a15bb3bb1
i386
perl-Net-DNS-0.48-2.el4.i386.rpm SHA-256: 2d7889199e0cf5f58be14a16c85c6289960f9b831536e0bfabd551bac960df31
perl-Net-DNS-0.48-2.el4.i386.rpm SHA-256: 2d7889199e0cf5f58be14a16c85c6289960f9b831536e0bfabd551bac960df31

Red Hat Enterprise Linux Workstation 4

SRPM
perl-Net-DNS-0.48-2.el4.src.rpm SHA-256: e7cc1d5ff855bdce4ef11216495824722fa2ce4517a55f9f77efc467224c276f
x86_64
perl-Net-DNS-0.48-2.el4.x86_64.rpm SHA-256: 934164a013ab1518427616627d32067129892d6d80e15e1d0580d642d8a0895d
ia64
perl-Net-DNS-0.48-2.el4.ia64.rpm SHA-256: 46eeba98e875e3762a3e50be9368a9e39b3f5bb2cd2c694af647a98a15bb3bb1
i386
perl-Net-DNS-0.48-2.el4.i386.rpm SHA-256: 2d7889199e0cf5f58be14a16c85c6289960f9b831536e0bfabd551bac960df31

Red Hat Enterprise Linux Desktop 4

SRPM
perl-Net-DNS-0.48-2.el4.src.rpm SHA-256: e7cc1d5ff855bdce4ef11216495824722fa2ce4517a55f9f77efc467224c276f
x86_64
perl-Net-DNS-0.48-2.el4.x86_64.rpm SHA-256: 934164a013ab1518427616627d32067129892d6d80e15e1d0580d642d8a0895d
i386
perl-Net-DNS-0.48-2.el4.i386.rpm SHA-256: 2d7889199e0cf5f58be14a16c85c6289960f9b831536e0bfabd551bac960df31

Red Hat Enterprise Linux for IBM z Systems 4

SRPM
perl-Net-DNS-0.48-2.el4.src.rpm SHA-256: e7cc1d5ff855bdce4ef11216495824722fa2ce4517a55f9f77efc467224c276f
s390x
perl-Net-DNS-0.48-2.el4.s390x.rpm SHA-256: 4fedcad4f60b8336e9bb8798a5e066b38c6207df7bc457db0541376b65b7be1d
s390
perl-Net-DNS-0.48-2.el4.s390.rpm SHA-256: b30582026bd2eefac052d7fb2e37f58759ab27466e08a6f93a8fe560bd7f3a90

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 4.5

SRPM
perl-Net-DNS-0.48-2.el4.src.rpm SHA-256: e7cc1d5ff855bdce4ef11216495824722fa2ce4517a55f9f77efc467224c276f
s390x
perl-Net-DNS-0.48-2.el4.s390x.rpm SHA-256: 4fedcad4f60b8336e9bb8798a5e066b38c6207df7bc457db0541376b65b7be1d
s390
perl-Net-DNS-0.48-2.el4.s390.rpm SHA-256: b30582026bd2eefac052d7fb2e37f58759ab27466e08a6f93a8fe560bd7f3a90

Red Hat Enterprise Linux for Power, big endian 4

SRPM
perl-Net-DNS-0.48-2.el4.src.rpm SHA-256: e7cc1d5ff855bdce4ef11216495824722fa2ce4517a55f9f77efc467224c276f
ppc
perl-Net-DNS-0.48-2.el4.ppc.rpm SHA-256: 15526a903960528efb8924b13289aa3db405dc8fceeb63814cebe13ca5ada77e

Red Hat Enterprise Linux for Power, big endian - Extended Update Support 4.5

SRPM
perl-Net-DNS-0.48-2.el4.src.rpm SHA-256: e7cc1d5ff855bdce4ef11216495824722fa2ce4517a55f9f77efc467224c276f
ppc
perl-Net-DNS-0.48-2.el4.ppc.rpm SHA-256: 15526a903960528efb8924b13289aa3db405dc8fceeb63814cebe13ca5ada77e

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.