On 10/22/07, Ralph Angenendt <ra+centos at br-online.de> wrote: > > Indunil Jayasooriya wrote: > > > > [admin at juwel ~]$ rpm -q --changelog bind-libs|grep CVE > > > > - fixed cryptographically weak query id generator (CVE-2007-2926) > > So that has been fixed, as you have been told on Jul 25th. Why > bring > > that up again? > > > > Really sorry. > > I also checked. pls see below. > > [root at mailgw named]# rpm -q --changelog bind-libs|grep CVE > > - added fix for #225222: CVE-2007-0494 BIND dnssec denial of service > > So which version of bind is that? [root at mailgw named]# rpm -qa |grep bind bind-utils-9.2.4-24.EL4 bind-libs-9.2.4-24.EL4 bind-9.2.4-24.EL4 bind-chroot-9.2.4-24.EL4 Did you update it? I now checked. the below are the latest @ CentOS 4 branch. I am going to update to the below. http://isoredirect.centos.org/centos/4/updates/i386/RPMS/bind-9.2.4-27.0.1.el4.i386.rpm http://isoredirect.centos.org/centos/4/updates/i386/RPMS/bind-chroot-9.2.4-27.0.1.el4.i386.rpm http://isoredirect.centos.org/centos/4/updates/i386/RPMS/bind-libs-9.2.4-27.0.1.el4.i386.rpm http://isoredirect.centos.org/centos/4/updates/i386/RPMS/bind-utils-9.2.4-27.0.1.el4.i386.rpm -- Thank you Indunil Jayasooriya -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos/attachments/20071022/8a7e4ee4/attachment-0005.html>