On 10/22/07, Ralph Angenendt ra+centos@br-online.de wrote:
Indunil Jayasooriya wrote:
[admin@juwel ~]$ rpm -q --changelog bind-libs|grep CVE
- fixed cryptographically weak query id generator (CVE-2007-2926) So that has been fixed, as you have been told on Jul 25th. Whybring
that up again?Really sorry. I also checked. pls see below. [root@mailgw named]# rpm -q --changelog bind-libs|grep CVE
- added fix for #225222: CVE-2007-0494 BIND dnssec denial of service
So which version of bind is that?
[root@mailgw named]# rpm -qa |grep bind
bind-utils-9.2.4-24.EL4 bind-libs-9.2.4-24.EL4 bind-9.2.4-24.EL4 bind-chroot-9.2.4-24.EL4
Did you update it?
I now checked. the below are the latest @ CentOS 4 branch. I am going to update to the below.
http://isoredirect.centos.org/centos/4/updates/i386/RPMS/bind-9.2.4-27.0.1.e... http://isoredirect.centos.org/centos/4/updates/i386/RPMS/bind-chroot-9.2.4-2... http://isoredirect.centos.org/centos/4/updates/i386/RPMS/bind-libs-9.2.4-27.... http://isoredirect.centos.org/centos/4/updates/i386/RPMS/bind-utils-9.2.4-27...