On 10/22/07, Ralph Angenendt <ra+centos@br-online.de> wrote:
Indunil Jayasooriya wrote:
>
>    [admin@juwel ~]$ rpm -q --changelog bind-libs|grep CVE
>
>      - fixed cryptographically weak query id generator (CVE-2007-2926)
>      So that has been fixed, as you have been told on Jul 25th. Why bring
>      that up again?
>
>    Really sorry.
>    I also checked. pls see below.
>    [root@mailgw named]# rpm -q --changelog bind-libs|grep CVE
>    - added fix for #225222: CVE-2007-0494 BIND dnssec denial of service

So which version of bind is that?

[root@mailgw named]# rpm -qa |grep bind

bind-utils-9.2.4-24.EL4
bind-libs-9.2.4-24.EL4
bind-9.2.4-24.EL4
bind-chroot-9.2.4-24.EL4

 
Did you update it? 

I now checked. the below are the latest @ CentOS 4 branch. I am going to update to the below.


http://isoredirect.centos.org/centos/4/updates/i386/RPMS/bind-9.2.4-27.0.1.el4.i386.rpm
http://isoredirect.centos.org/centos/4/updates/i386/RPMS/bind-chroot-9.2.4-27.0.1.el4.i386.rpm
http://isoredirect.centos.org/centos/4/updates/i386/RPMS/bind-libs-9.2.4-27.0.1.el4.i386.rpm
http://isoredirect.centos.org/centos/4/updates/i386/RPMS/bind-utils-9.2.4-27.0.1.el4.i386.rpm



--
Thank you
Indunil Jayasooriya