Red Hat Product Errata RHSA-2011:1496 - Security Advisory

Issued:: 2011-11-29
Updated:: 2011-11-29

RHSA-2011:1496 - Security Advisory

Overview
Updated Packages

Synopsis

Important: bind security update

Type/Severity

Security Advisory: Important

Topic

Updated bind packages that fix one security issue are now available for
Red Hat Enterprise Linux 4.

The Red Hat Security Response Team has rated this update as having
important security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from the
CVE link in the References section.

Description

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain
Name System (DNS) protocols. BIND includes a DNS server (named); a resolver
library (routines for applications to use when interfacing with DNS); and
tools for verifying that the DNS server is operating correctly.

A flaw was discovered in the way BIND handled certain DNS queries, which
caused it to cache an invalid record. A remote attacker could use this
flaw to send repeated queries for this invalid record, causing the
resolvers to exit unexpectedly due to a failed assertion. (CVE-2011-4313)

Users of bind are advised to upgrade to these updated packages, which
resolve this issue. After installing the update, the BIND daemon (named)
will be restarted automatically.

Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

Affected Products

Red Hat Enterprise Linux Server 4 x86_64
Red Hat Enterprise Linux Server 4 ia64
Red Hat Enterprise Linux Server 4 i386
Red Hat Enterprise Linux Workstation 4 x86_64
Red Hat Enterprise Linux Workstation 4 ia64
Red Hat Enterprise Linux Workstation 4 i386
Red Hat Enterprise Linux Desktop 4 x86_64
Red Hat Enterprise Linux Desktop 4 i386
Red Hat Enterprise Linux for IBM z Systems 4 s390x
Red Hat Enterprise Linux for IBM z Systems 4 s390
Red Hat Enterprise Linux for Power, big endian 4 ppc

Fixes

BZ - 754398 - CVE-2011-4313 bind: Remote denial of service against recursive servers via logging negative cache entry

CVEs

CVE-2011-4313

References

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 4

SRPM
bind-9.2.4-38.el4.src.rpm	SHA-256: 33e8f3134fa8e6f754f54ad5c2b910029d22a6ae7a33f010461d81469d78b66d
x86_64
bind-9.2.4-38.el4.x86_64.rpm	SHA-256: 089ae3adbef8a334ba65960a4a0d03ff8031ef7d3af71c9aa1d75e1ff22e6630
bind-9.2.4-38.el4.x86_64.rpm	SHA-256: 089ae3adbef8a334ba65960a4a0d03ff8031ef7d3af71c9aa1d75e1ff22e6630
bind-chroot-9.2.4-38.el4.x86_64.rpm	SHA-256: c859d3e80942fdd9ade9416139a0346c93bc4941e7d981cd7bd6043de639b855
bind-chroot-9.2.4-38.el4.x86_64.rpm	SHA-256: c859d3e80942fdd9ade9416139a0346c93bc4941e7d981cd7bd6043de639b855
bind-devel-9.2.4-38.el4.x86_64.rpm	SHA-256: 2fa32b24807efe5825d1d12e72ef235ea447de21344e2e7cb45f26d998b7160c
bind-devel-9.2.4-38.el4.x86_64.rpm	SHA-256: 2fa32b24807efe5825d1d12e72ef235ea447de21344e2e7cb45f26d998b7160c
bind-libs-9.2.4-38.el4.i386.rpm	SHA-256: fff3129f006e4444bc1e858ae16d6137f29d6b1b47abe47cbee56760180be9d0
bind-libs-9.2.4-38.el4.i386.rpm	SHA-256: fff3129f006e4444bc1e858ae16d6137f29d6b1b47abe47cbee56760180be9d0
bind-libs-9.2.4-38.el4.x86_64.rpm	SHA-256: 11840c5e52bb7e20864b26a26c02d310b8477c4835c434a4e072ff1023f4185d
bind-libs-9.2.4-38.el4.x86_64.rpm	SHA-256: 11840c5e52bb7e20864b26a26c02d310b8477c4835c434a4e072ff1023f4185d
bind-utils-9.2.4-38.el4.x86_64.rpm	SHA-256: 2993600d400b69fe0a76b18e576dad430aa665804bd0f08c9054d1610d4f51af
bind-utils-9.2.4-38.el4.x86_64.rpm	SHA-256: 2993600d400b69fe0a76b18e576dad430aa665804bd0f08c9054d1610d4f51af
ia64
bind-9.2.4-38.el4.ia64.rpm	SHA-256: 05543b2cdaf9d44c16e03277cb792ce91a0fffdca5fa6abc2f65f13469884310
bind-9.2.4-38.el4.ia64.rpm	SHA-256: 05543b2cdaf9d44c16e03277cb792ce91a0fffdca5fa6abc2f65f13469884310
bind-chroot-9.2.4-38.el4.ia64.rpm	SHA-256: c14dbf66a51509f9987fb0fa8fb329de81013791edf02ed81c939c77968a1dde
bind-chroot-9.2.4-38.el4.ia64.rpm	SHA-256: c14dbf66a51509f9987fb0fa8fb329de81013791edf02ed81c939c77968a1dde
bind-devel-9.2.4-38.el4.ia64.rpm	SHA-256: 9035c0af74531fba4e4de7543c76952598928c5599fdae3da9baea8c39acb739
bind-devel-9.2.4-38.el4.ia64.rpm	SHA-256: 9035c0af74531fba4e4de7543c76952598928c5599fdae3da9baea8c39acb739
bind-libs-9.2.4-38.el4.i386.rpm	SHA-256: fff3129f006e4444bc1e858ae16d6137f29d6b1b47abe47cbee56760180be9d0
bind-libs-9.2.4-38.el4.i386.rpm	SHA-256: fff3129f006e4444bc1e858ae16d6137f29d6b1b47abe47cbee56760180be9d0
bind-libs-9.2.4-38.el4.ia64.rpm	SHA-256: 7556c436b19b5a32567f9af7fa7a86927cf6e107bfb1be3ead9eec54cc55f60a
bind-libs-9.2.4-38.el4.ia64.rpm	SHA-256: 7556c436b19b5a32567f9af7fa7a86927cf6e107bfb1be3ead9eec54cc55f60a
bind-utils-9.2.4-38.el4.ia64.rpm	SHA-256: 0d6849318c12763a4a5df8b812dea7c388a1711a65f250e51d7258273fb94784
bind-utils-9.2.4-38.el4.ia64.rpm	SHA-256: 0d6849318c12763a4a5df8b812dea7c388a1711a65f250e51d7258273fb94784
i386
bind-9.2.4-38.el4.i386.rpm	SHA-256: f8ee023d0ff57f61ce7a47c5ab0ad9506cc9d618b6cf1089571c3c74107b6e20
bind-9.2.4-38.el4.i386.rpm	SHA-256: f8ee023d0ff57f61ce7a47c5ab0ad9506cc9d618b6cf1089571c3c74107b6e20
bind-chroot-9.2.4-38.el4.i386.rpm	SHA-256: 47a40d452ceb9ab973deefe6faf97f75be1f83342153064ec27851b7c92dbefe
bind-chroot-9.2.4-38.el4.i386.rpm	SHA-256: 47a40d452ceb9ab973deefe6faf97f75be1f83342153064ec27851b7c92dbefe
bind-devel-9.2.4-38.el4.i386.rpm	SHA-256: e6673833ecc213294e3bace3a3b603a7ebd3250e3b81f9da8e38e8e7fd869cac
bind-devel-9.2.4-38.el4.i386.rpm	SHA-256: e6673833ecc213294e3bace3a3b603a7ebd3250e3b81f9da8e38e8e7fd869cac
bind-libs-9.2.4-38.el4.i386.rpm	SHA-256: fff3129f006e4444bc1e858ae16d6137f29d6b1b47abe47cbee56760180be9d0
bind-libs-9.2.4-38.el4.i386.rpm	SHA-256: fff3129f006e4444bc1e858ae16d6137f29d6b1b47abe47cbee56760180be9d0
bind-utils-9.2.4-38.el4.i386.rpm	SHA-256: 7ffdeb751b10b1f2349014039b74e872f4d871446383d74ea58dff26e8fac558
bind-utils-9.2.4-38.el4.i386.rpm	SHA-256: 7ffdeb751b10b1f2349014039b74e872f4d871446383d74ea58dff26e8fac558

Red Hat Enterprise Linux Workstation 4

SRPM
bind-9.2.4-38.el4.src.rpm	SHA-256: 33e8f3134fa8e6f754f54ad5c2b910029d22a6ae7a33f010461d81469d78b66d
x86_64
bind-9.2.4-38.el4.x86_64.rpm	SHA-256: 089ae3adbef8a334ba65960a4a0d03ff8031ef7d3af71c9aa1d75e1ff22e6630
bind-chroot-9.2.4-38.el4.x86_64.rpm	SHA-256: c859d3e80942fdd9ade9416139a0346c93bc4941e7d981cd7bd6043de639b855
bind-devel-9.2.4-38.el4.x86_64.rpm	SHA-256: 2fa32b24807efe5825d1d12e72ef235ea447de21344e2e7cb45f26d998b7160c
bind-libs-9.2.4-38.el4.i386.rpm	SHA-256: fff3129f006e4444bc1e858ae16d6137f29d6b1b47abe47cbee56760180be9d0
bind-libs-9.2.4-38.el4.x86_64.rpm	SHA-256: 11840c5e52bb7e20864b26a26c02d310b8477c4835c434a4e072ff1023f4185d
bind-utils-9.2.4-38.el4.x86_64.rpm	SHA-256: 2993600d400b69fe0a76b18e576dad430aa665804bd0f08c9054d1610d4f51af
ia64
bind-9.2.4-38.el4.ia64.rpm	SHA-256: 05543b2cdaf9d44c16e03277cb792ce91a0fffdca5fa6abc2f65f13469884310
bind-chroot-9.2.4-38.el4.ia64.rpm	SHA-256: c14dbf66a51509f9987fb0fa8fb329de81013791edf02ed81c939c77968a1dde
bind-devel-9.2.4-38.el4.ia64.rpm	SHA-256: 9035c0af74531fba4e4de7543c76952598928c5599fdae3da9baea8c39acb739
bind-libs-9.2.4-38.el4.i386.rpm	SHA-256: fff3129f006e4444bc1e858ae16d6137f29d6b1b47abe47cbee56760180be9d0
bind-libs-9.2.4-38.el4.ia64.rpm	SHA-256: 7556c436b19b5a32567f9af7fa7a86927cf6e107bfb1be3ead9eec54cc55f60a
bind-utils-9.2.4-38.el4.ia64.rpm	SHA-256: 0d6849318c12763a4a5df8b812dea7c388a1711a65f250e51d7258273fb94784
i386
bind-9.2.4-38.el4.i386.rpm	SHA-256: f8ee023d0ff57f61ce7a47c5ab0ad9506cc9d618b6cf1089571c3c74107b6e20
bind-chroot-9.2.4-38.el4.i386.rpm	SHA-256: 47a40d452ceb9ab973deefe6faf97f75be1f83342153064ec27851b7c92dbefe
bind-devel-9.2.4-38.el4.i386.rpm	SHA-256: e6673833ecc213294e3bace3a3b603a7ebd3250e3b81f9da8e38e8e7fd869cac
bind-libs-9.2.4-38.el4.i386.rpm	SHA-256: fff3129f006e4444bc1e858ae16d6137f29d6b1b47abe47cbee56760180be9d0
bind-utils-9.2.4-38.el4.i386.rpm	SHA-256: 7ffdeb751b10b1f2349014039b74e872f4d871446383d74ea58dff26e8fac558

Red Hat Enterprise Linux Desktop 4

SRPM
bind-9.2.4-38.el4.src.rpm	SHA-256: 33e8f3134fa8e6f754f54ad5c2b910029d22a6ae7a33f010461d81469d78b66d
x86_64
bind-9.2.4-38.el4.x86_64.rpm	SHA-256: 089ae3adbef8a334ba65960a4a0d03ff8031ef7d3af71c9aa1d75e1ff22e6630
bind-chroot-9.2.4-38.el4.x86_64.rpm	SHA-256: c859d3e80942fdd9ade9416139a0346c93bc4941e7d981cd7bd6043de639b855
bind-devel-9.2.4-38.el4.x86_64.rpm	SHA-256: 2fa32b24807efe5825d1d12e72ef235ea447de21344e2e7cb45f26d998b7160c
bind-libs-9.2.4-38.el4.i386.rpm	SHA-256: fff3129f006e4444bc1e858ae16d6137f29d6b1b47abe47cbee56760180be9d0
bind-libs-9.2.4-38.el4.x86_64.rpm	SHA-256: 11840c5e52bb7e20864b26a26c02d310b8477c4835c434a4e072ff1023f4185d
bind-utils-9.2.4-38.el4.x86_64.rpm	SHA-256: 2993600d400b69fe0a76b18e576dad430aa665804bd0f08c9054d1610d4f51af
i386
bind-9.2.4-38.el4.i386.rpm	SHA-256: f8ee023d0ff57f61ce7a47c5ab0ad9506cc9d618b6cf1089571c3c74107b6e20
bind-chroot-9.2.4-38.el4.i386.rpm	SHA-256: 47a40d452ceb9ab973deefe6faf97f75be1f83342153064ec27851b7c92dbefe
bind-devel-9.2.4-38.el4.i386.rpm	SHA-256: e6673833ecc213294e3bace3a3b603a7ebd3250e3b81f9da8e38e8e7fd869cac
bind-libs-9.2.4-38.el4.i386.rpm	SHA-256: fff3129f006e4444bc1e858ae16d6137f29d6b1b47abe47cbee56760180be9d0
bind-utils-9.2.4-38.el4.i386.rpm	SHA-256: 7ffdeb751b10b1f2349014039b74e872f4d871446383d74ea58dff26e8fac558

Red Hat Enterprise Linux for IBM z Systems 4

SRPM
bind-9.2.4-38.el4.src.rpm	SHA-256: 33e8f3134fa8e6f754f54ad5c2b910029d22a6ae7a33f010461d81469d78b66d
s390x
bind-9.2.4-38.el4.s390x.rpm	SHA-256: 1cb6afd79953fc961c38badd4d514af5034fcdc4cbc58252866666766435a3a0
bind-chroot-9.2.4-38.el4.s390x.rpm	SHA-256: f0105e0672c72aa07e688f19fd31cd7f6475a91f3b28460f6e85f76d6ab3bb9e
bind-devel-9.2.4-38.el4.s390x.rpm	SHA-256: 943387815dc8d6106e0bbcca91fc3a435bf674a58448251a208e26892b1b5872
bind-libs-9.2.4-38.el4.s390.rpm	SHA-256: 3b1bc0bed177283b1362eb079d81eb48764856ea7d51ea2eea583e7ad1066dcf
bind-libs-9.2.4-38.el4.s390x.rpm	SHA-256: 6ce32ff194288de807a589693e87be738ac048c3208bf5d529c0bc760cc9bcde
bind-utils-9.2.4-38.el4.s390x.rpm	SHA-256: 2e5461803af3fa7fb6977cc2d3d3020066f5811abff5a0ad6bcaa800165b6616
s390
bind-9.2.4-38.el4.s390.rpm	SHA-256: 56aaf1886803c7db29a8e199a82791989b732d85ea2a0a1c7e410f2036c5f7e8
bind-chroot-9.2.4-38.el4.s390.rpm	SHA-256: df5aaa98a9f0f442ff4ccc2a8984ffade581810630752a14944f11464096f8a2
bind-devel-9.2.4-38.el4.s390.rpm	SHA-256: 4aa76ab8d0befcdec1f26ada06fb5128188a12d70b291ca891e9339fe43b8ab0
bind-libs-9.2.4-38.el4.s390.rpm	SHA-256: 3b1bc0bed177283b1362eb079d81eb48764856ea7d51ea2eea583e7ad1066dcf
bind-utils-9.2.4-38.el4.s390.rpm	SHA-256: 4514b92e97145a744575f383cad96863b3c377e2abd89f467fae5b09f22cfb1c

Red Hat Enterprise Linux for Power, big endian 4

SRPM
bind-9.2.4-38.el4.src.rpm	SHA-256: 33e8f3134fa8e6f754f54ad5c2b910029d22a6ae7a33f010461d81469d78b66d
ppc
bind-9.2.4-38.el4.ppc.rpm	SHA-256: ad4018e1d9b1b8990a2ca797324318f8fb2a8d6da4dbaff9029a66bf7d6f04c0
bind-chroot-9.2.4-38.el4.ppc.rpm	SHA-256: 1318533f892e668c41583dea0d49486af03b3a226fdb3ccf36c4854c84186709
bind-devel-9.2.4-38.el4.ppc.rpm	SHA-256: e362535e79b12ea3c9d779790e78edf7dad282b732c44d31bdb00cb2f1974594
bind-libs-9.2.4-38.el4.ppc.rpm	SHA-256: 993ca15dce79fbe459112f854a91a7f8ced256895f64efcdaf2497b0fe45676d
bind-libs-9.2.4-38.el4.ppc64.rpm	SHA-256: 0cb5f61c67e80310a6f90fa42e08cbef2090f7aa3afb1d3cf010710633ead3b2
bind-utils-9.2.4-38.el4.ppc.rpm	SHA-256: 9249ca2e349ed01638030b1c1954b1a31b4388928caba32670fbc96febc3c414

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

JBoss Development and Management

JBoss Integration and Automation

Mobile

Services

Tools

Red Hat Product Security Center

Security Updates

Resources

Customer Portal Community

Customer Events

Stories