[CentOS] BIND vulnerability

Thu Jul 30 17:59:38 UTC 2009
Ned Slider <ned at unixmail.co.uk>

Benjamin Franz wrote:
> Bob Hoffman wrote:
>>  Been watching the bind thing for a few days and waiting for my daily yum to
>> update.
>> Finally did it by hand and got an interesting message.
>>
>> The python dependency killed my yum...lol. A quick look online and I see a
>> few thousand fedora and redhat issues with this python thing. Strange that
>> it is trying to install a package update only to find that package is not
>> there..... Yeesh
>>
>> But was able to run yum update bind and get the issues resolved.
>>
>>
>> --> Running transaction check
>> ---> Package python.x86_64 0:2.4.3-24.el5_3.6 set to be updated
>> --> Processing Dependency: /usr/lib64/python2.4 for package: libxslt-python
>> --> Processing Dependency: /usr/lib64/python2.4 for package: gamin-python
>> --> Processing Dependency: /usr/lib64/python2.4 for package: libxml2-python
>> --> Finished Dependency Resolution
>> libxslt-python-1.1.17-2.el5_2.2.x86_64 from installed has depsolving
>> problems
>>   --> Missing Dependency: /usr/lib64/python2.4 is needed by package
>> libxslt-python-1.1.17-2.el5_2.2.x86_64 (installed)
>> libxml2-python-2.6.26-2.1.2.7.x86_64 from installed has depsolving problems
>>   --> Missing Dependency: /usr/lib64/python2.4 is needed by package
>> libxml2-python-2.6.26-2.1.2.7.x86_64 (installed)
>> gamin-python-0.1.7-8.el5.x86_64 from installed has depsolving problems
>>   --> Missing Dependency: /usr/lib64/python2.4 is needed by package
>> gamin-python-0.1.7-8.el5.x86_64 (installed)
>> Error: Missing Dependency: /usr/lib64/python2.4 is needed by package
>> libxslt-python-1.1.17-2.el5_2.2.x86_64 (installed)
>> Error: Missing Dependency: /usr/lib64/python2.4 is needed by package
>> libxml2-python-2.6.26-2.1.2.7.x86_64 (installed)
>> Error: Missing Dependency: /usr/lib64/python2.4 is needed by package
>> gamin-python-0.1.7-8.el5.x86_64 (installed)
>>
>> _
> 
> Try doing: yum clean all && yum update
> 
> That did it for me.
> 
> Thanks goes to John R. Dennison for the fix.
> 

The "fix" has been available for a long time:

https://rhn.redhat.com/errata/RHBA-2009-0440.html