what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Mandriva Linux Security Advisory 2011-176-2

Mandriva Linux Security Advisory 2011-176-2
Posted Nov 18, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-176 - A vulnerability was discovered and corrected in bind. Cache lookup could return RRSIG data associated with nonexistent records, leading to an assertion failure. Packages provided for Mandriva Enterprise Server 5.2 and Mandriva Linux 2010.2 with the MDVSA-2011:176 and MDVSA-2011:176-1 advisory had wrong release numbers effectively preventing installation without excessive force due previous packaging mistakes. This advisory provides corrected packages to address the problem.

tags | advisory
systems | linux, mandriva
advisories | CVE-2011-4313
SHA-256 | ccd137aa0b24aef21172472dc46e7a951f9dd172c796924eb97f853d35de3735

Mandriva Linux Security Advisory 2011-176-2

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2011:176-2
http://www.mandriva.com/security/
_______________________________________________________________________

Package : bind
Date : November 18, 2011
Affected: 2010.1, Enterprise Server 5.0
_______________________________________________________________________

Problem Description:

A vulnerability was discovered and corrected in bind:

Cache lookup could return RRSIG data associated with nonexistent
records, leading to an assertion failure. [ISC RT #26590]
(CVE-2011-4313).

The updated packages have been upgraded to bind 9.7.4-P1 and 9.8.1-P1
which is not vulnerable to this issue.

Update:

Packages provided for Mandriva Enterprise Server 5.2 and Mandriva
Linux 2010.2 with the MDVSA-2011:176 and MDVSA-2011:176-1 advisory
had wrong release numbers effectively preventing installation without
excessive force due previous packaging mistakes. This advisory provides
corrected packages to address the problem.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4313
http://www.isc.org/software/bind/advisories/cve-2011-4313
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2010.1:
f39bf36a6c1338c67750fdc06e6c9938 2010.1/i586/bind-9.7.4-0.1.P1.1.1mdv2010.2.i586.rpm
18ddb3de45d1803f42690d29f193ad51 2010.1/i586/bind-devel-9.7.4-0.1.P1.1.1mdv2010.2.i586.rpm
44a8b036db1c7658f40c6c29ca94a9b2 2010.1/i586/bind-doc-9.7.4-0.1.P1.1.1mdv2010.2.i586.rpm
f65351bd5fa6fc2e71e6985613f30a13 2010.1/i586/bind-utils-9.7.4-0.1.P1.1.1mdv2010.2.i586.rpm
77c232d55313bc0758a26ec95e1f2462 2010.1/SRPMS/bind-9.7.4-0.1.P1.1.1mdv2010.2.src.rpm

Mandriva Linux 2010.1/X86_64:
921dc324393e6b72ec9af179636843a4 2010.1/x86_64/bind-9.7.4-0.1.P1.1.1mdv2010.2.x86_64.rpm
738901860b2e5a878338086e06ab62f7 2010.1/x86_64/bind-devel-9.7.4-0.1.P1.1.1mdv2010.2.x86_64.rpm
2091b711bf18faec158f2be894d3deed 2010.1/x86_64/bind-doc-9.7.4-0.1.P1.1.1mdv2010.2.x86_64.rpm
30da2bada8620c4f7e59db23924da8ee 2010.1/x86_64/bind-utils-9.7.4-0.1.P1.1.1mdv2010.2.x86_64.rpm
77c232d55313bc0758a26ec95e1f2462 2010.1/SRPMS/bind-9.7.4-0.1.P1.1.1mdv2010.2.src.rpm

Mandriva Enterprise Server 5:
73d2fef181508b237fc0d74a18c9fc4a mes5/i586/bind-9.7.4-0.1.P1.1.1mdvmes5.2.i586.rpm
ffe081e6ec682e94c1578d4f4c3f5afc mes5/i586/bind-devel-9.7.4-0.1.P1.1.1mdvmes5.2.i586.rpm
8aa53e66aaac5813521c637f300690aa mes5/i586/bind-doc-9.7.4-0.1.P1.1.1mdvmes5.2.i586.rpm
80adc93320f5aaabc031252a8e74a494 mes5/i586/bind-utils-9.7.4-0.1.P1.1.1mdvmes5.2.i586.rpm
6e7372177265cf8aba76855f8577f333 mes5/SRPMS/bind-9.7.4-0.1.P1.1.1mdvmes5.2.src.rpm

Mandriva Enterprise Server 5/X86_64:
81f88df7104598d1cecfaf07c20e539e mes5/x86_64/bind-9.7.4-0.1.P1.1.1mdvmes5.2.x86_64.rpm
e148d06c5e27c014974361a88bf6b66f mes5/x86_64/bind-devel-9.7.4-0.1.P1.1.1mdvmes5.2.x86_64.rpm
0deff4d64a7a0cfc2542d9a6a4539e8b mes5/x86_64/bind-doc-9.7.4-0.1.P1.1.1mdvmes5.2.x86_64.rpm
771f3758a10b8ef8c4a01ceaa6c6e4bc mes5/x86_64/bind-utils-9.7.4-0.1.P1.1.1mdvmes5.2.x86_64.rpm
6e7372177265cf8aba76855f8577f333 mes5/SRPMS/bind-9.7.4-0.1.P1.1.1mdvmes5.2.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iD8DBQFOxkXwmqjQ0CJFipgRAp3YAJ0Xo94vNtFUfsTHI8kbQotHKJ5JFwCggLXg
w7F+KMFHmoO0i3407rWefGI=
=L8A3
-----END PGP SIGNATURE-----

Login or Register to add favorites

File Archive:

October 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    10 Files
  • 2
    Oct 2nd
    0 Files
  • 3
    Oct 3rd
    12 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    18 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close